#Wireless Penetration Testing Cheat Sheet
##WIRELESS ANTENNA
- Open the Monitor Mode
root@uceka:~# ifconfig wlan0mon down
root@uceka:~# iwconfig wlan0mon mode monitor
root@uceka:~# ifconfig wlan0mon up
Nate Subra natesubra
natesubra
/ bypass_uac.ps1
Created
March 9, 2019 02:17
— forked from tyranid/bypass_uac.ps1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Powershell script to bypass UAC on Vista+ assuming | |
| # there exists one elevated process on the same desktop. | |
| # Technical details in: | |
| # https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-1.html | |
| # https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-2.html | |
| # https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-3.html | |
| # You need to Install-Module NtObjectManager for this to run. | |
| Import-Module NtObjectManager |
natesubra
/ PSProcmon.psm1
Created
March 24, 2019 22:39
— forked from mattifestation/PSProcmon.psm1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # These keyword values can be obtained with: logman query providers Microsoft-Windows-Kernel-Registry | |
| [Flags()] | |
| enum RegistryOptions { | |
| CloseKey = 0x00000001 | |
| QuerySecurityKey = 0x00000002 | |
| SetSecurityKey = 0x00000004 | |
| EnumerateValueKey = 0x00000010 | |
| QueryMultipleValueKey = 0x00000020 | |
| SetInformationKey = 0x00000040 | |
| FlushKey = 0x00000080 |
natesubra
/ merger.py
Created
February 17, 2020 20:24
— forked from btoews/merger.py
Merging Nessus Files
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # file: merger.py | |
| # based off: http://cmikavac.net/2011/07/09/merging-multiple-nessus-scans-python-script/ | |
| # by: mastahyeti | |
| import xml.etree.ElementTree as etree | |
| import shutil | |
| import os | |
| first = 1 | |
| for fileName in os.listdir("."): |
natesubra
/ Wireless Penetration Testing Cheat Sheet.md
Created
April 27, 2020 19:51
— forked from dogrocker/Wireless Penetration Testing Cheat Sheet.md
Wireless Penetration Testing Cheat Sheet
natesubra
/ kresd-config.lua
Created
June 3, 2020 01:59
— forked from catap/kresd-config.lua
An example configuration to random selection between Quad9, Cloudflare and Google DNS-over-TLS for knot-resolver (kresd)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'math' | |
| math.randomseed(os.time()) | |
| dns_providers = { | |
| { -- Quad9 | |
| {'9.9.9.9', hostname='dns.quad9.net', ca_file='/usr/local/etc/kresd/DigiCertECCSecureServerCA.pem'}, | |
| {'149.112.112.112', hostname='dns.quad9.net', ca_file='/usr/local/etc/kresd/DigiCertECCSecureServerCA.pem'} | |
| }, | |
| { -- Cloudflare | |
| {'1.1.1.1', hostname='cloudflare-dns.com', ca_file='/usr/local/etc/kresd/DigiCertECCSecureServerCA.pem'}, |
natesubra
/ ShowObjectGraph.ps1
Created
January 3, 2021 07:04
— forked from sean-m/ShowObjectGraph.ps1
Displays structure of an object/collection in a WPF TreeView. (updated for pwsh7)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Show-ObjectGraph { | |
| [Alias('sog')] | |
| <# | |
| .Synopsis | |
| Displays structure of an object/collection in a WPF TreeView. | |
| .DESCRIPTION | |
| Recursively builds out an object graph which is then set to | |
| the DataContext of a WPF TreeView. This will display all type and | |
| member info for the object or collection elements. This is a blocking | |
| operation. |
natesubra
/ output.txt
Created
November 12, 2021 22:12
— forked from jpoehls/output.txt
PowerShell benchmarking function. Or, the Windows equivalent of Unix's `time` command.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PS> time { ping -n 1 google.com } -Samples 10 -Silent | |
| .......... | |
| Avg: 62.1674ms | |
| Min: 56.9945ms | |
| Max: 87.9602ms | |
| PS> time { ping -n 1 google.com } -Samples 10 -Silent -Long | |
| .......... | |
| Avg: 00:00:00.0612480 | |
| Min: 00:00:00.0572167 |
natesubra
/ help.md
Created
September 1, 2022 14:36
— forked from Neo23x0/help.md
Offensive Research Guide to Help Defense Improve Detection
Whenever you research a certain vulnerability ask yourself these questions and please answer them for us
Does the exploited service write a log?
(check ls -lrt /var/log or lsof +D /var/log/ or lsof | grep servicename)
Does a system service write a log?
(e.g. check with tail -f /var/log/messages)
natesubra
/ DogFoodExec.cs
Created
July 17, 2023 22:12
— forked from xpn/DogFoodExec.cs
https://blog.xpnsec.com/weird-ways-to-execute-dotnet/
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Reflection; | |
| using System.Runtime.InteropServices; | |
| using System.Linq; | |
| namespace NautilusProject | |
| { | |
| internal class CombinedExec | |
| { | |
| public static IntPtr AllocMemory(int length) |
natesubra
/ dotnet_unhook_etw.cs
Created
July 17, 2023 22:12
— forked from xpn/dotnet_unhook_etw.cs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Reflection; | |
| using System.Runtime.InteropServices; | |
| namespace test | |
| { | |
| class Win32 | |
| { | |
| [DllImport("kernel32")] | |
| public static extern IntPtr GetProcAddress(IntPtr hModule, string procName); |