ssh -i keyfile.pem ubuntu@<ip>
sudo apt -y update && sudo apt -y upgrade
sudo apt install -y p7zip-full build-essential linux-image-extra-virtual linux-source
echo options nouveau modeset=0 | sudo tee -a /etc/modprobe.d/nouveau-kms.conf
sudo update-initramfs -u
# to activate latest kernel
ducnp
/ cobaltstrike_sa.txt
Created
November 27, 2019 10:36
— forked from HarmJ0y/cobaltstrike_sa.txt
Cobalt Strike Situational Awareness Commands
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Windows version: | |
| reg query x64 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion | |
| Users who have authed to the system: | |
| ls C:\Users\ | |
| System env variables: | |
| reg query x64 HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment | |
| Saved outbound RDP connections: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| TechniqueID | Data Source | |
|---|---|---|
| Technique/T1001 | Packet capture,Process use of network,Process monitoring,Network protocol analysis | |
| Technique/T1002 | File monitoring,Binary file metadata,Process command-line parameters,Process monitoring | |
| Technique/T1003 | API monitoring,Process command-line parameters,Process monitoring,PowerShell logs | |
| Technique/T1004 | Windows Registry,File monitoring,Process monitoring | |
| Technique/T1005 | File monitoring,Process monitoring,Process command-line parameters | |
| Technique/T1006 | API monitoring | |
| Technique/T1007 | Process command-line parameters,Process monitoring | |
| Technique/T1008 | Packet capture,Netflow/Enclave netflow,Malware reverse engineering,Process use of network,Process monitoring | |
| Technique/T1009 |
ducnp
/ aws-ec-p2.xlarge-hashcat.md
Created
September 17, 2018 06:43
— forked from gwillem/aws-ec-p2.xlarge-hashcat.md
Get an AWS EC2 p2.xlarge ready for hashcat MD5 cracking!
ducnp
/ query.sh
Created
December 29, 2017 07:50
— forked from k06a/query.sh
Passwords Query (+macOS-fix) (+sgrep)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| dir=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd ) | |
| # magnet:?xt=urn:btih:7ffbcd8cee06aba2ce6561688cf68ce2addca0a3 | |
| # 1. Fixed letter1, letter2, letter3 assignments for macOS compatibility | |
| # 2. Changed grep to sgrep (sorted grep), need to preinstall: npm i -g sgrep | |
| if [ "$1" != "" ]; then | |
| letter1=$(echo ${1:0:1}) | |
| if [[ $letter1 == [a-zA-Z0-9] ]]; then |
ducnp
/ breachcompilation.txt
Created
December 29, 2017 07:48
1.4 billion password breach compilation wordlist
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| wordlist created from original 41G stash via: | |
| grep -rohP '(?<=:).*$' | uniq > breachcompilation.txt | |
| Then, compressed with: | |
| 7z a breachcompilation.txt.7z breachcompilation.txt | |
| Size: |