With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module:
teixeira0xfffff
/ MSAcpi_ThermalZoneTemperature.ps1
Created
June 18, 2019 05:36
Anti-VM Techniques with MSAcpi_ThermalZoneTemperature
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Get-AntiVMwithTemperature { | |
| $t = Get-WmiObject MSAcpi_ThermalZoneTemperature -Namespace "root/wmi" | |
| $valorTempKelvin = $t.CurrentTemperature / 10 | |
| $valorTempCelsius = $valorTempKelvin - 273.15 | |
| $valorTempFahrenheit = (9/5) * $valorTempCelsius + 32 | |
| return $valorTempCelsius.ToString() + " C : " + $valorTempFahrenheit.ToString() + " F : " + $valorTempKelvin + "K" | |
| } |
TarlogicSecurity
/ kerberos_attacks_cheatsheet.md
Created
May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| WARNING: | |
| the newest version of this rule is now hosted here: | |
| https://github.com/Neo23x0/god-mode-rules/blob/master/godmode.yar | |
| */ | |
| /* | |
| _____ __ __ ___ __ |
sergiospagnuolo
/ readme.md
Last active
November 25, 2021 22:00
Script para tirar série história de BOs do Estado de SP (fonte: SSPSP)
Evite fazer muitos requests em pouco tempo para não ter seu IP bloqueado nem abusar do servidor alheio
Pacote desenvolvido por Fernando Corrêa (azeloc), publicado no GitHub da Associação Brasileira de Jurimetria (abjur).
Referência e metodologia: http://www.ssp.sp.gov.br/transparenciassp/
| Crime | Trigger |
Proteas
/ inject_trusts-iOS-v12.1.2-16C104-iPhone11,x.c
Last active
October 22, 2023 11:31
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| void inject_trusts(int pathc, const char *paths[]) | |
| { | |
| printf("[+] injecting into trust cache...\n"); | |
| extern uint64_t g_kern_base; | |
| static uint64_t tc = 0; | |
| if (tc == 0) { | |
| /* loaded_trust_caches | |
| iPhone11,2-4-6: 0xFFFFFFF008F702C8 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #lang racket | |
| ;; this is a stand alone simple version of the closure conversion part of the hoist pass from the tarot compiler | |
| ;; see https://rain-1.github.io/scheme for more. | |
| (require data/queue) | |
| ;; closure conversion for lambda calculus | |
| ;; | |
| ;; the input language is: |
leoloobeek
/ sysmon_lolbas_profiler.ps1
Created
January 28, 2019 23:38
Profile Sysmon logs to discover which LOLBAS binaries have ran and what they're command line arguments were
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #https://github.com/LOLBAS-Project/LOLBAS | |
| $lolbins = @("Atbroker.exe","Bash.exe","Bitsadmin.exe","Certutil.exe","Cmdkey.exe","Cmstp.exe","Control.exe","Csc.exe","Dfsvc.exe","Diskshadow.exe","Dnscmd.exe","Esentutl.exe","Eventvwr.exe","Expand.exe","Extexport.exe","Extrac32.exe","Findstr.exe","Forfiles.exe","Ftp.exe","Gpscript.exe","Hh.exe","Ie4uinit.exe","Ieexec.exe","Infdefaultinstall.exe","Installutil.exe","Makecab.exe","Mavinject.exe","Microsoft.Workflow.Compiler.exe","Mmc.exe","Msbuild.exe","Msconfig.exe","Msdt.exe","Mshta.exe","Msiexec.exe","Odbcconf.exe","Pcalua.exe","Pcwrun.exe","Presentationhost.exe","Print.exe","Reg.exe","Regasm.exe","Regedit.exe","Register-cimprovider.exe","Regsvcs.exe","Regsvr32.exe","Replace.exe","Rpcping.exe","Rundll32.exe","Runonce.exe","Runscripthelper.exe","Sc.exe","Schtasks.exe","Scriptrunner.exe","SyncAppvPublishingServer.exe","Verclsid.exe","Wab.exe","Wmic.exe","Wscript.exe","Xwizard.exe","Appvlp.exe","Bginfo.exe","Cdb.exe","csi.exe","dnx.exe","Dxcap.exe","Mftrace.exe","Msdep |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| Title: SSHtranger Things | |
| Author: Mark E. Haase <[email protected]> | |
| Homepage: https://www.hyperiongray.com | |
| Date: 2019-01-17 | |
| CVE: CVE-2019-6111, CVE-2019-6110 | |
| Advisory: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt | |
| Tested on: Ubuntu 18.04.1 LTS, OpenSSH client 7.6p1 | |
| We have nicknamed this "SSHtranger Things" because the bug is so old it could be |
0xdabbad00
/ grugq quotes from Downclimb
Created
November 24, 2018 17:57
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Give a man an 0day and he'll have access for a day, teach a man to phish and he'll have access for life. | |
| https://twitter.com/thegrugq/status/563964286783877121 | |
| -- | |
| You can get 25% off a Mandiant incident response with the code: ITWASCHINA. 100% off if you just use that code as the report. | |
| https://twitter.com/thegrugq/status/600345075562909696 | |
| -- | |
| Fear of 0day is like being terrified of ninjas instead of cardiovascular disease. | |
| https://twitter.com/thegrugq/status/851001030019907588 |
DavidBuchanan314
/ cursed_mandelbrot.c
Last active
June 28, 2023 15:12
Compile-time mandelbrot in pure C. Outputs a PGM image file to stdout. Output can be seen at https://twitter.com/David3141593/status/1062468528115200001
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #define SQ(x) (x)*(x) | |
| #define M0(x,y) SQ(x)+SQ(y)<4?0:0xe0 | |
| #define M1(x,y,x0,y0) (SQ(x)+SQ(y)<4)?M0(SQ(x)-SQ(y)+(x0),2*(x)*(y)+(y0)):0xc0 | |
| #define M2(x,y,x0,y0) (SQ(x)+SQ(y)<4)?M1(SQ(x)-SQ(y)+(x0),2*(x)*(y)+(y0),x0,y0):0xa0 | |
| #define M3(x,y,x0,y0) (SQ(x)+SQ(y)<4)?M2(SQ(x)-SQ(y)+(x0),2*(x)*(y)+(y0),x0,y0):0x80 | |
| #define M4(x,y,x0,y0) (SQ(x)+SQ(y)<4)?M3(SQ(x)-SQ(y)+(x0),2*(x)*(y)+(y0),x0,y0):0x60 | |
| #define M5(x,y,x0,y0) (SQ(x)+SQ(y)<4)?M4(SQ(x)-SQ(y)+(x0),2*(x)*(y)+(y0),x0,y0):0x40 |