meng alessiomangoni13
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Invoke-Mimikatz | |
| { | |
| <# | |
| .SYNOPSIS | |
| This script leverages Mimikatz 2.0 and Invoke-ReflectivePEInjection to reflectively load Mimikatz completely in memory. This allows you to do things such as | |
| dump credentials without ever writing the mimikatz binary to disk. | |
| The script has a ComputerName parameter which allows it to be executed against multiple computers. | |
| This script should be able to dump credentials from any version of Windows through Windows 8.1 that has PowerShell v2 or higher installed. |
alessiomangoni13
/ iptables_grok
Created
February 8, 2017 23:00
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| %{SYSLOGTIMESTAMP:timestamp} %{SYSLOGHOST:logsource} %{PROG:program}: (%{WORD:action})?( )?IN=(%{WORD:if_in})?( )?OUT=(%{WORD:if_out})?( )?(?:MAC=(?:%{CISCOMAC:mac_dst}|%{WINDOWSMAC:mac_dst}|%{COMMONMAC:mac_dst}):(?:%{CISCOMAC:mac_src}|%{WINDOWSMAC:mac_src}|%{COMMONMAC:mac_src})?:%{FRAME_TYPE:frame_type}:%{FRAME_DATA:frame_data})?( )?SRC=%{IPV4:src_ip}( )?DST=%{IPV4:dst_ip}( )?LEN=%{INT:lenght_in}( )?TOS=%{HEX:type_of_service}( )?PREC=%{HEX:precedent_bytes}( )?TTL=%{8BIT:ttl}( )?ID=%{NUMBER:pckt_id}( )?(%{WORD:frag_flag})?( )?PROTO=%{WORD:protocol}( )?SPT=%{16BIT:src_port}( )?DPT=%{16BIT:dst_port}( )?(LEN=%{INT:lenght_out})?( )?(WINDOW=%{16BIT:tcp_window_size})?( )?(RES=%{HEX:reserved_bits})?( )?(%{WORD:flag})?( )?(URGP=%{1BIT:urgent_flag})?( )? | |
| FRAME_TYPE ([0-9]{2}):([0-9]{2}) | |
| FRAME_DATA ([0-9:]*) | |
| HEX ([a-fA-F0-9x])* | |
| 1BIT ([0-1]) | |
| 8BIT ([01]?[0-9]?[0-9]|2[0-4][0-9]|25[0-5]) | |
| 16BIT (6553[0-5]|655[0-2]\d|65[0-4]\d{2}|6[0-4]\d{3}|[1-5]\d{4}|[1-9]\d{0,3}) |
alessiomangoni13
/ Public_IP_extractor_by_country.sh
Last active
November 1, 2016 13:57
Just a simple bash script to extract all public IP pools by country
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| FILE=RIPENCC_IP_list.txt | |
| MYDIRECTORY=$(pwd) | |
| CURL=$(/usr/bin/whereis curl | awk '{print $2}') | |
| WC=$(/usr/bin/whereis wc | awk '{print $2}') | |
| IP_REGEX="(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))" | |
| echo "this file will be written: $MYDIRECTORY/$FILE" | |
| COUNTRY="it" #INSERT YOUR COUNTRY CODE HERE | |
| ENTRYPOINT=$(grep -oE "^$COUNTRY\.[0-9a-z]*" $MYDIRECTORY/$FILE | head -n 1) | |
| LASTPOINT=$(grep -oE "^$COUNTRY\.[0-9a-z]*" $MYDIRECTORY/$FILE | tail -n 1) |
alessiomangoni13
/ script per generazione txt da NIPAP
Last active
October 4, 2016 16:31
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ############################ | |
| ## Methods | |
| ############################ | |
| prefix_to_bit_netmask() { | |
| prefix=$1; | |
| shift=$(( 32 - prefix )); | |
| bitmask="" |
alessiomangoni13
/ ipresolv.sh
Created
September 27, 2016 15:53
Script per la generazione di IP a partire da notazione CIDR
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ############################ | |
| ## Methods | |
| ############################ | |
| prefix_to_bit_netmask() { | |
| prefix=$1; | |
| shift=$(( 32 - prefix )); | |
| bitmask="" |
alessiomangoni13
/ script per stampa ip blacklist su NIPAP
Last active
October 4, 2016 16:32
final.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| for i in `nipap address list | awk '{print $2}' | grep -vE [a-z] | sed '/^$/d' | grep -vE ^10.` ; | |
| do | |
| NET=`./ipresolv.sh $i | sed -e 1b -e '$!d' | sed -n '1{x;d};${H;x;s/\n/\t/g;p};{H}'` | |
| HOST=`./ipresolv.sh $i | sed -e 1b -e '$!d'` | |
| if ( echo $NET | grep -q ' ' ); | |
| then | |
| echo $NET |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| DATE=$(date +"%Y%m%d_%H%M") #current date and time AAAAMMDD_HHMM | |
| BLOG="" #put your blog's name here | |
| GHOST_PATH="/var/www/ghost/$BLOG" # I assume this is the path to your blog | |
| CURRENT_PATH=$(pwd) #I'm saving your current directory for later | |
| echo "stopping current Ghost instance (assuming you're using -supervisorctl-)" | |
| supervisorctl stop $BLOG #you have supervisorctl do you? | |
| echo "..DONE" | |
| echo "creating the directory under the current user home folder" | |
| mkdir $HOME/"$DATE" |