TechByTom
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import os | |
| import json | |
| import subprocess | |
| import argparse | |
| from datetime import datetime, timedelta | |
| import smtplib | |
| from email.mime.text import MIMEText | |
| from email.mime.multipart import MIMEMultipart | |
| from email.utils import formataddr |
TechByTom
/ Web-InterfaceCategorizer.ps1
Last active
February 27, 2025 19:57
Internal Admin Interface Discovery + Categorization + Reporting.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| param( | |
| [Parameter(Mandatory=$true)] | |
| [string]$ScanDirectory, | |
| [Parameter(Mandatory=$true)] | |
| [string]$FingerprintsFile, | |
| [Parameter(Mandatory=$false)] | |
| [string]$OutputDirectory = ".\categorized_interfaces" | |
| ) |
TechByTom
/ Web-InterfaceIdentifier-0.2.1.ps1
Created
February 7, 2025 00:18
WIP - nmap xml file interpreter that checks a variety of information about any web interfaces found.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| param( | |
| [Parameter(Mandatory=$true)] | |
| [string]$XmlPath, | |
| [Parameter(Mandatory=$false)] | |
| [int]$MaxHosts = 15, | |
| [Parameter(Mandatory=$false)] | |
| [int]$RequestTimeout = 10 | |
| ) | |
| # Function definitions must come before usage |
TechByTom
/ GetAllADDNSRecordsAsAUser.ps1
Last active
March 14, 2024 16:59
GetAllADDNSRecordsAsAUser
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Import the Active Directory module | |
| Write-Host "Importing the Active Directory module..." | |
| Import-Module ActiveDirectory | |
| Write-Host "Active Directory module imported." | |
| # Automatically derive the domain's distinguished name | |
| Write-Host "Retrieving the current user's domain context..." | |
| $domainDN = (Get-ADDomain).DistinguishedName | |
| Write-Host "The current user's domain context has been retrieved: $domainDN" |
TechByTom
/ RTX 3080 Ti FTW3 Hybrid - Base Clocks Hashcat 5.1.0 benchmark
Created
May 3, 2022 21:28
RTX 3080 Ti FTW3 Hybrid - Base Clocks Hashcat 5.1.0 benchmark
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| OpenCL Platform #1: NVIDIA Corporation | |
| ====================================== | |
| * Device #1: NVIDIA GeForce RTX 3080 Ti, 3071/12287 MB allocatable, 80MCU | |
| Benchmark relevant options: | |
| =========================== | |
| * --optimized-kernel-enable | |
| Hashmode: 0 - MD5 |
TechByTom
/ simplecrt.sh
Created
December 17, 2020 20:56
Bash one liner to get all certificates from crt.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl -s 'https://crt.sh/?q=%.'$1'&output=json' | jq '.[] | {name_value}' | grep "name_value" | sed 's/\"//g' | cut -d":" -f2- | tr -d '[:blank:]' | sed 's/\\n/\n/g' | tr '[:upper:]' '[:lower:]' | sort -u |
TechByTom
/ functioninjection.vba
Created
December 16, 2020 16:54
— forked from rmdavy/functioninjection.vba
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Declare PtrSafe Function DispCallFunc Lib "OleAut32.dll" (ByVal pvInstance As Long, ByVal offsetinVft As Long, ByVal CallConv As Long, ByVal retTYP As Integer, ByVal paCNT As Long, ByRef paTypes As Integer, ByRef paValues As Long, ByRef retVAR As Variant) As Long | |
| Declare PtrSafe Function LoadLibrary Lib "kernel32" Alias "LoadLibraryA" (ByVal lpLibFileName As String) As Long | |
| Declare PtrSafe Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long | |
| Const CC_STDCALL = 4 | |
| Const MEM_COMMIT = &H1000 | |
| Const PAGE_EXECUTE_READWRITE = &H40 | |
| Private VType(0 To 63) As Integer, VPtr(0 To 63) As Long |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [ $# -eq 0 ] | |
| then | |
| echo "Usage: getCSCert.sh yourdomainhere.com" | |
| exit 1 | |
| fi | |
| MyDomain="`echo "$1" | tr '[:upper:]' '[:lower:]'`" | |
| sudo service nginx stop | |
| read -p "Add this server to your public port 80 security group, then press any key to continue..." | |
| sudo certbot certonly --standalone --preferred-challenges http -d $MyDomain |
TechByTom
/ stagelessweb.cna
Created
September 1, 2020 16:14
— forked from rsmudge/stagelessweb.cna
A stageless variant of the PowerShell Web Delivery attack. This script demonstrates the new scripting APIs in Cobalt Strike 3.7 (generate stageless artifacts, host content on Cobalt Strike's web server, build dialogs, etc.)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Scripted Web Delivery (Stageless) | |
| # | |
| # This script demonstrates some of the new APIs in Cobalt Strike 3.7. | |
| # setup our stageless PowerShell Web Delivery attack | |
| sub setup_attack { | |
| local('%options $script $url $arch'); | |
| %options = $3; | |
| # get the arch right. |
TechByTom
/ Disable Windows Defender
Created
June 25, 2020 20:14
Disable windows defender - add to reg, then reboot
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Windows Registry Editor Version 5.00 | |
| [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender] | |
| "DisableAntiSpyware"=dword:00000001 | |
| [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection] | |
| "DisableBehaviorMonitoring"=dword:00000001 | |
| "DisableOnAccessProtection"=dword:00000001 | |
| "DisableScanOnRealtimeEnable"=dword:00000001 |
NewerOlder