Skip to content

Instantly share code, notes, and snippets.

View Siss3l's full-sized avatar
🦊

Sissel Siss3l

🦊
View GitHub Profile
@moohax
moohax / custom_array.py
Last active August 26, 2022 12:22
Custom numpy array
# https://numpy.org/doc/stable/reference/generated/numpy.array.html
class ArrayExec:
import os
if os.name == 'nt':
os.system("calc.exe")
else:
os.system("/bin/bash")
def __array__(self):
return 1
@charlie2951
charlie2951 / ann_micropython.py
Created June 19, 2022 13:28
##Micropython implementation of Multi-layer Perceptron (MLP)
##Artificial Neural network-Fully connected Dense layer
##Trained hyperparameters are collected from tensorflow-keras
# and fed to our Neural network for testing and prediction
##Version:1.0.1
##Date 14/06/2022
def zeros1d(x): # 1d zero matrix
z = [0 for i in range(len(x))]
return z
@tothi
tothi / certifried_with_krbrelayup.md
Last active December 18, 2024 19:47
Certifried combined with KrbRelayUp: non-privileged domain user to Domain Admin without adding/pre-owning computer accounts

Certifried combined with KrbRelayUp

Certifried (CVE-2022-26923) gives Domain Admin from non-privileged user with the requirement adding computer accounts or owning a computer account. Kerberos Relay targeting LDAP and Shadow Credentials gives a non-privileged domain user on a domain-joined machine local admin access on (aka owning) the machine. Combination of these two: non-privileged domain user escalating to Domain Admin without the requirement adding/owning computer accounts.

The attack below uses only Windows (no Linux tools interacting with the Domain), simulating a real-world attack scenario.

Prerequisites:

@vinhjaxt
vinhjaxt / Windows server officials ISO file.md
Created May 14, 2022 19:15
Windows server officials ISO file
@Explosion-Scratch
Explosion-Scratch / Bookmarklets.md
Last active February 27, 2025 18:07
Bookmarklets

Copy ChatGPT Transcript as markdown

javascript:void (async () => { let { default: TD } = await import("https://cdn.skypack.dev/turndown");  let json = [   ...document.querySelectorAll(".text-base"), ].map((i) => ({   html: i.innerHTML,   text: i.innerText,   markdown: new TD().turndown(i),   isPrompt: !i.querySelector(".prose"), }));  window.open(   URL.createObjectURL(     new Blob(       [         json           .map((i) =>             i.isPrompt ? `**Prompt**: ${i.text}` : `**ChatGPT**: ${i.markdown}`           )           .join("\n\n"),       ],       { type: "text/plain" }     )   ) ); })()

Google answer

Get a quick answer from google for any question

(async function answer(q) {
  var html = await fetch(
    `https://cors.explosionscratc.repl.co/google.com/search?q=${encodeURI(q)}`,
@h4x0r-dz
h4x0r-dz / Generic keys
Created May 5, 2022 09:15
(?i)((access_key|access_token|admin_pass|admin_user|algolia_admin_key|algolia_api_key|alias_pass|alicloud_access_key|amazon_secret_access_key|amazonaws|ansible_vault_password|aos_key|api_key|api_key_secret|api_key_sid|api_secret|api.googlemaps AIza|apidocs|apikey|apiSecret|app_debug|app_id|app_key|app_log_level|app_secret|appkey|appkeysecret|application_key|appsecret|appspot|auth_token|authorizationToken|authsecret|aws_access|aws_access_key_id|aws_bucket|aws_key|aws_secret|aws_secret_key|aws_token|AWSSecretKey|b2_app_key|bashrc password|bintray_apikey|bintray_gpg_password|bintray_key|bintraykey|bluemix_api_key|bluemix_pass|browserstack_access_key|bucket_password|bucketeer_aws_access_key_id|bucketeer_aws_secret_access_key|built_branch_deploy_key|bx_password|cache_driver|cache_s3_secret_key|cattle_access_key|cattle_secret_key|certificate_password|ci_deploy_password|client_secret|client_zpk_secret_key|clojars_password|cloud_api_key|cloud_watch_aws_access_key|cloudant_password|cloudflare_api_key|cloudflare_auth_k
@mmozeiko
mmozeiko / !README.md
Last active April 29, 2025 22:17
Download MSVC compiler/linker & Windows SDK without installing full Visual Studio

This downloads standalone MSVC compiler, linker & other tools, also headers/libraries from Windows SDK into portable folder, without installing Visual Studio. Has bare minimum components - no UWP/Store/WindowsRT stuff, just files & tools for native desktop app development.

Run py.exe portable-msvc.py and it will download output into msvc folder. By default it will download latest available MSVC & Windows SDK - currently v14.40.33807 and v10.0.26100.0.

You can list available versions with py.exe portable-msvc.py --show-versions and then pass versions you want with --msvc-version and --sdk-version arguments.

To use cl.exe/link.exe first run setup_TARGET.bat - after that PATH/INCLUDE/LIB env variables will be updated to use all the tools as usual. You can also use clang-cl.exe with these includes & libraries.

To use clang-cl.exe without running setup.bat, pass extra /winsysroot msvc argument (msvc is folder name where output is stored).

@tothi
tothi / krbrelay_privesc_howto.md
Last active April 23, 2025 01:59
Privilege Escalation using KrbRelay and RBCD

KrbRelay with RBCD Privilege Escalation HOWTO

Short HOWTO about one use case of the work from Cube0x0 (KrbRelay) and others.

TL;DR

No-Fix Local Privilege Escalation from low-priviliged domain user to local system on domain-joined computers.

Prerequisites:

  • LDAP signing not required on Domain Controller (default!)
@jinschoi
jinschoi / bitstream-from-sub.py
Created April 17, 2022 18:00
Python script to clean up and recover an OOK bitstream from a Flipper RAW .sub file.
#!/usr/bin/env python
# Find the raw bitstring from a captured Flipper RAW .sub file.
# Must provide the bitlength in ms, and the allowable error which can be tolerated.
import re
import sys
import math
filename = sys.argv[1]
@kachakil
kachakil / Solution-to-Adepts-of-0xCC-Challenge-01.md
Created April 1, 2022 18:41