Skip to content

Instantly share code, notes, and snippets.

View bannsec's full-sized avatar

bannsec

190 followers · 48 following
View GitHub Profile
@anthonysterling
anthonysterling / Vagrantfile
Last active April 29, 2020 15:28
Handy Vagrantfile for IE testing with Vagrant.
# Usage: IE={box} vagrant up
#
# Eg. IE=XPIE6 vagrant up
boxes = {
"XPIE6" => "http://aka.ms/vagrant-xp-ie6",
"XPIE8" => "http://aka.ms/vagrant-xp-ie8",
"VistaIE7" => "http://aka.ms/vagrant-vista-ie7",
"Win7IE8" => "http://aka.ms/vagrant-win7-ie8",
"Win7IE9" => "http://aka.ms/vagrant-win7-ie9",
@aescalana
aescalana / manageFlaskSession.py
Last active October 21, 2024 13:43
Decode and Encode Flask's session cookie. Great for testing purposes; only the secret key is needed
#!/usr/bin/env python
from flask.sessions import SecureCookieSessionInterface
from itsdangerous import URLSafeTimedSerializer
class SimpleSecureCookieSessionInterface(SecureCookieSessionInterface):
# Override method
# Take secret_key instead of an instance of a Flask app
def get_signing_serializer(self, secret_key):
if not secret_key:
return None
@mattifestation
mattifestation / FileReadPrimitive.ps1
Last active June 12, 2023 16:33
A WMI file content read primitive - ROOT/Microsoft/Windows/Powershellv3/PS_ModuleFile
$CimSession = New-CimSession -ComputerName 10.0.0.2
$FilePath = 'C:\Windows\System32\notepad.exe'
# PS_ModuleFile only implements GetInstance (versus EnumerateInstance) so this trick below will force a "Get" operation versus the default "Enumerate" operation.
$PSModuleFileClass = Get-CimClass -Namespace ROOT/Microsoft/Windows/Powershellv3 -ClassName PS_ModuleFile -CimSession $CimSession
$InMemoryModuleFileInstance = New-CimInstance -CimClass $PSModuleFileClass -Property @{ InstanceID= $FilePath } -ClientOnly
$FileContents = Get-CimInstance -InputObject $InMemoryModuleFileInstance -CimSession $CimSession
$FileLengthBytes = $FileContents.FileData[0..3]
[Array]::Reverse($FileLengthBytes)
@oleavr
oleavr / frida-logging.md
Last active April 7, 2023 08:53
Frida logging hacks

Frida logging helper

For adding temporary logging to help understand behavior. For when it is impractical to use Frida to instrument Frida.

Choose one of these and copy-paste it into e.g. lib/interfaces/session.vala, then use log_event ("name='%s'", name); to log.

When something appears to be hanging, try applying: x-async-debug.patch.

@TarlogicSecurity
TarlogicSecurity / kerberos_attacks_cheatsheet.md
Created May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

@GeisericII
GeisericII / Get-LoggedOn.py
Last active November 1, 2024 19:35
Stupid simple script copied and pasted from reg.py/lookupsid and inspired from itm4n's session enum via registry
#!/usr/bin/python3
from __future__ import division
from __future__ import print_function
import re
import codecs
import logging
import time
import argparse
import sys
from impacket import version
@stong
stong / cups-browsed.md
Last active October 8, 2024 18:53
CUPS disclosure leaked online. Not my report. The original author is @evilsocket

Original report

  • Affected Vendor: OpenPrinting
  • Affected Product: Several components of the CUPS printing system: cups-browsed, libppd, libcupsfilters and cups-filters.
  • Affected Version: All versions <= 2.0.1 (latest release) and master.
  • Significant ICS/OT impact? no
  • Reporter: Simone Margaritelli [[email protected]]
  • Vendor contacted? yes The vendor has been notified trough Github Advisories and all bugs have been confirmed: