Skip to content

Instantly share code, notes, and snippets.

View filipesam's full-sized avatar

filipesam

20 followers · 66 following
View GitHub Profile
@jeffmcjunkin
jeffmcjunkin / gist:7b4a67bb7dd0cfbfbd83768f3aa6eb12
Last active January 27, 2025 07:01
Useful Cypher queries for BloodHound
MATCH (u:User)-[r:AdminTo|MemberOf*1..]->(c:Computer
RETURN u.name
That’ll return a list of users who have admin rights on at least one system either explicitly or through group membership
---------------
MATCH
(U:User)-[r:MemberOf|:AdminTo*1..]->(C:Computer)
WITH
U.name as n,
@haproxytechblog
haproxytechblog / blog20180913-01.cfg
Last active June 14, 2022 14:21
Introduction to HAProxy ACLs
acl is_static path -i -m beg /static/
@ceres-c
ceres-c / frida-extract-keystore.py
Last active December 7, 2024 15:26
Automatically extract KeyStore objects and relative password from Android applications with Frida - Read more: https://ceres-c.it/2018/12/16/frida-android-keystore/
#!/usr/bin/python3
'''
author: ceres-c
usage: ./frida-extract-keystore.py
Once the keystore(s) have been exported you have to convert them to PKCS12 using keytool
'''
import frida, sys, time
@ajxchapman
ajxchapman / README.md
Created January 15, 2019 22:41
Linux Gateway with WPAD and PAC

Linux Gateway with WPAD and PAC

Simple setup to create a Linux gateway on Ubuntu 18.04 that provides WPAD settings via DHCP option 252.

systemctl disable systemd-resolved.service
systemctl stop systemd-resolved
apt update
apt install dnsmasq
unlink /etc/resolv.conf
echo "nameserver 8.8.8.8" > /etc/resolv.conf
@seajaysec
seajaysec / customqueries.json
Last active February 12, 2025 16:58
bloodhound custom queries
{
"queries": [{
"name": "List all owned users",
"queryList": [{
"final": true,
"query": "MATCH (m:User) WHERE m.owned=TRUE RETURN m"
}]
},
{
"name": "List all owned computers",
@0xhexmex
0xhexmex / Get-KerberosKeytab.ps1
Created February 14, 2019 21:50 — forked from raandree/Get-KerberosKeytab.ps1
Parses Kerberos Keytab files
param(
[Parameter(Mandatory)]
[string]$Path
)
#Created by [email protected]
#
#Got keytab structure from http://www.ioplex.com/utilities/keytab.txt
#
# keytab {
@aayla-secura
aayla-secura / jwt_rs256_as_hs256.py
Last active March 20, 2022 12:15
JWT RS256 to HS256 re-signing attack
#!/usr/bin/env python2
#############################################################
# @AaylaSecura1138, github.com/aayla-secura
# Modify and distribute as you wish
#############################################################
# NO LONGER MAINTAINED: CURRENT CODE LIVES HERE:
# https://github.com/aurainfosec/jwt_resign_asym_to_sym
#############################################################
# Some JWT libraries are vulnerable to a known attack which changes
# the type of a JWT from an asymmetric (e.g. RS256) to a symmetric
@leonjza
leonjza / cve-2019-6340.py
Last active February 27, 2020 18:39
CVE-2019-6340
#!/usr/bin/env python3
# CVE-2019-6340 Drupal <= 8.6.9 REST services RCE PoC
# 2019 @leonjza
# Technical details for this exploit is available at:
# https://www.drupal.org/sa-core-2019-003
# https://www.ambionics.io/blog/drupal8-rce
# https://twitter.com/jcran/status/1099206271901798400
@howyay
howyay / Setting up Postfix on Debian.md
Last active April 13, 2025 13:55
A guide to set up a Postfix + Dovecot IMAP server with complete spf, dkim and dmarc support.

An ultimate guide to Postfix + Dovecot IMAP server with complete SPF, DKIM and DMARC support and additional instructions for a multi-domain setup

In this guide, domain.com will be your root domain and mail.domain.com will be the hostname of your mail server

@TarlogicSecurity
TarlogicSecurity / kerberos_attacks_cheatsheet.md
Created May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module: