Jordan Borean jborean93
jborean93
/ PSClassSplat.ps1
Last active
December 5, 2023 10:25
Example on how to use a class as a PowerShell splat value
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class SplatClass : System.Collections.IEnumerable { | |
| SplatClass() {} | |
| [System.Collections.IEnumerator] GetEnumerator() { | |
| # This can be any hashtable stored or derived from the class. This is | |
| # just an example | |
| $params = @{ | |
| Path = '/tmp' | |
| } | |
jborean93
/ KDCProxy.ps1
Last active
June 10, 2025 20:18
Functions to help set up a KDC proxy server and add client proxy servers - https://syfuhs.net/kdc-proxy-for-remote-access
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright: (c) 2022, Jordan Borean (@jborean93) <[email protected]> | |
| # MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
| Function Install-KDCProxyServer { | |
| <# | |
| .SYNOPSIS | |
| Set up a KDC Proxy server. | |
| .DESCRIPTION | |
| Sets up the KDC proxy server on the current host. |
jborean93
/ NetServiceAccount.ps1
Created
February 2, 2022 00:44
APIS that wrap the LMAccess Net*ServiceAccount APIS for Managed Service Accounts
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Add-Type -Namespace LmAccess -Name Native -MemberDefinition @' | |
| [DllImport("Netapi32.dll", CharSet = CharSet.Unicode, EntryPoint = "NetAddServiceAccount")] | |
| private static extern int NativeNetAddServiceAccount( | |
| IntPtr ServerName, | |
| string AccountName, | |
| IntPtr Password, | |
| AddServiceFlags Flags); | |
| /// <summary>Add a sMSA or gMSA to the current host.</summary> | |
| /// <param name="accountName">The name of the MSA to install.</param> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import os.path | |
| import subprocess | |
| import sys | |
| import xml.etree.ElementTree as ET | |
| def main(): | |
| iface = sys.argv[1] | |
| hook_case = sys.argv[2] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Runtime.InteropServices; | |
| namespace PSOpenAD | |
| { | |
| internal static partial class Helpers | |
| { | |
| [StructLayout(LayoutKind.Sequential)] | |
| public struct krb5_keyblock | |
| { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright: (c) 2021, Jordan Borean (@jborean93) <[email protected]> | |
| # MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
| Function Get-PEDetails { | |
| <# | |
| .SYNOPSIS | |
| Parses an executable's PE header. | |
| .DESCRIPTION | |
| Parses the PE Header and extracts the details of a Windows executable. |
jborean93
/ Get-DomainController.ps1
Last active
March 12, 2025 18:35
PowerShell wrapper for DsGetDcNameW
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright: (c) 2021, Jordan Borean (@jborean93) <[email protected]> | |
| # MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
| Function Get-DomainController { | |
| <# | |
| .SYNOPSIS | |
| Get the domain controller information. | |
| .DESCRIPTION | |
| Returns the name and additional information for the domain controller that matches the criteria specified. |
jborean93
/ pwsh_ssh_override.ps1
Last active
December 6, 2021 05:21
Override executable used for SSH PSRemoting
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $script = Set-Content ./hvc_ssh.bat -Value 'hvc.exe ssh %*' | |
| $ExecutionContext.InvokeCommand.PostCommandLookupAction = { | |
| param ($Command, $EA) | |
| if ($Command -eq ($IsWindows ? 'ssh.exe' : 'ssh')) { # This is just ssh | |
| $EA.Command = Get-Command './hvc_ssh.bat' | |
| } | |
| } | |
| try { |
jborean93
/ Wireshark raw dissector.sh
Created
September 21, 2021 20:18
Dissects raw bytes in Wireshark - TLS example
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| DATA='FgMDAK0BAACpAwNhSjqVL8AO4n3tp9BCagd/Vo9FoZNVsPCXppc9JBVR5AAAKsAswCvAMMAvAJ8AnsAkwCPAKMAnwArACcAUwBMAnQCcAD0APAA1AC8ACgEAAFYAAAAVABMAABBkYzAxLnNwbmVnby50ZXN0AAoACAAGAB0AFwAYAAsAAgEAAA0AGgAYCAQIBQgGBAEFAQIBBAMFAwIDAgIGAQYDACMAAAAXAAD/AQABAA==' | |
| echo $DATA | base64 -d | hexdump -C | text2pcap -T 8443,443 - /tmp/tls1.pcap | |
| DATA='FgMDAxkCAABRAwNhSjqVHJjKhHmYNy8Aniontsb2E5QYxbz2QsA3F9eNeiDSOgAAQEsXpIvV6wzFIsyXlm71Eev27j0vgm4dGVXGKcAwAAAJABcAAP8BAAEACwABzwABzAAByTCCAcUwggEuoAMCAQICEBqN+uO8ErCUQ+TCAAb14K0wDQYJKoZIhvcNAQEFBQAwITEfMB0GA1UEAxMWV1NNQU4tREMwMS5zcG5lZ28udGVzdDAeFw0yMTA5MjExOTU1MzVaFw0yMjAzMjAxOTU1MzVaMCExHzAdBgNVBAMTFldTTUFOLURDMDEuc3BuZWdvLnRlc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANhKH7CEIsLA5/qs444gW7NSsAoFMIwKLAfYRpgX+lzdh8dWWojGG8ucZE6jiepRfODvOCbonSVI9vdtdNM+NHdZwDRuBTemCGrw/JXiqXzZwy+Ky5yBb9JpEc9llyK9YsamUvO04yA54uhYJpQxxiAggXNcUHq3NVJeQX1K3KItAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAsA40izL+mUun6C8U8Hwu/mR/1+/ZGvLaQ+MUWNfNU9ClX5Sw+EniWDjU1fPclPAY8YSOE6fbj5PhbdK8leydy2Q4tceYzWgi0mlK9cZVpplx86zKAM/1tC1 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM fedora:34 | |
| ARG REALM=KRBTEST.COM | |
| ENV PATH=/opt/heimdal/bin:$PATH | |
| RUN dnf install -y \ | |
| autoconf \ | |
| automake \ | |
| byacc \ |