ed puzzlepeaches
puzzlepeaches
/ combo.yaml
Created
August 3, 2024 12:07
Not working onedrive_user_enum that combines my previous two gists. Anyone who can fix this gets a cookie.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: o365-tenant-name-and-user-enum | |
| # Current use: nuclei -t combo.yaml -u acme.com | |
| # Intended use: nuclei -t combo.yaml -u acme.com -var userlist=jsmith.txt | |
| info: | |
| name: Office 365 Tenant Name Discovery and User Enumeration | |
| author: ed | |
| severity: info | |
| description: Discovers the tenant name for a given Office 365 domain and then enumerates users in the target tenant's OneDrive. |
puzzlepeaches
/ get-tenant-name.yaml
Created
July 28, 2024 13:29
Get O365 tenant name using autodiscover.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # nuclei -t get-tenant-name.yaml -u acme.com -jsonl -or -silent -nm -ot | jq -r '."extracted-results"'[] | |
| id: o365-tenant-name | |
| info: | |
| name: Office 365 Tenant Name Discovery | |
| author: ed | |
| severity: info | |
| description: Discovers the tenant name for a given Office 365 domain using the Autodiscover service. | |
| requests: |
puzzlepeaches
/ onedrive-user-enum.yaml
Last active
July 27, 2024 15:13
Onedrive User Enumeration w/ Nuclei
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: onedrive-user-enum | |
| info: | |
| name: Onedrive user enumeration | |
| author: ed | |
| severity: info | |
| description: Enumerate users in the target tenant's onedrive using nyxgeeks technique | |
| variables: | |
| tenant: "acmecom" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 4qO/4qO/4qO/4qO/4qO/4qO/4qO/4qO/4qO/4qO/4qO/4qG/4qCf4qCb4qCb4qCb4qCL4qCJ4qCJ4qCJ4qCJ4qCJ4qCJ4qCJ4qCJ4qCJ4qCJ4qCJ4qCJ4qCJ4qCZ4qCb4qCb4qCb4qC/4qC74qC/4qO/4qO/4qO/4qO/4qO/4qO/4qO/4qO/4qO/4qO/4qO/4qO/4qO/CuKjv+Kjv+Kjv+Kjv+Kjv+Kjv+Kjv+Kjv+Kjv+Khv+Kgi+KggOKggOKggOKggOKggOKhgOKgoOKgpOKgkuKiguKjieKjieKjieKjkeKjkuKjkuKgkuKgkuKgkuKgkuKgkuKgkuKgkuKggOKggOKgkOKgkuKgmuKgu+Kgv+Kgv+Kjv+Kjv+Kjv+Kjv+Kjv+Kjv+Kjv+Kjvwrio7/io7/io7/io7/io7/io7/io7/io7/ioI/ioIDioIDioIDioIDioaDioJTioInio4DioJTioJLioInio4Dio4DioIDioIDioIDio4DioYDioIjioInioJHioJLioJLioJLioJLioJLioIjioInioInioInioIHioILioIDioIjioJnior/io7/io7/io7/io7/io78K4qO/4qO/4qO/4qO/4qO/4qO/4qO/4qCH4qCA4qCA4qCA4qCU4qCB4qCg4qCW4qCh4qCU4qCK4qCA4qCA4qCA4qCA4qCA4qCA4qCA4qCQ4qGE4qCA4qCA4qCA4qCA4qCA4qCA4qGE4qCA4qCA4qCA4qCA4qCJ4qCy4qKE4qCA4qCA4qCA4qCI4qO/4qO/4qO/4qO/4qO/CuKjv+Kjv+Kjv+Kjv+Kjv+Kjv+Kgi+KggOKggOKggOKggOKggOKggOKggOKgiuKggOKigOKjgOKjpOKjpOKjpOKjpOKjgOKggOKggOKggOKiuOKggOKggOKggOKggOKggOKgnOKggOKggOKggOKggOKjgOKhgOKggOKgiOKgg+KggOKggOKggOKguOKjv+Kjv+Kjv+Kjvwrio7/io7/io7/io7/i |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: parked-domain-check | |
| info: | |
| name: Detect parked domains | |
| author: puzzlepeaches | |
| severity: info | |
| description: Checks if a domain is parked based on specific keywords and reports the matched content. | |
| requests: | |
| - method: GET | |
| path: |
puzzlepeaches
/ latestpd.py
Created
April 1, 2022 10:46
Download latest Linux projectdiscovery tools with Python. Comment out line 54 if you want to hold on to the zipfiles following download.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| import glob | |
| import zipfile | |
| import requests | |
| from lastversion import latest | |
| tools = ["nuclei", "httpx", "dnsx", "subfinder", "naabu", "shuffledns"] | |
| def get_version(tools): | |
| for i in tools: |
puzzlepeaches
/ mailboxcheck.py
Created
February 2, 2022 16:25
Lets you feed in a list of user credentials guessed during spraying to check if they have a valid mailbox for an on-prem Exchange server. Basically an easy way to tell if you are going to be able to abuse an ActiveSync endpoint or not. Need to install exchangelib for this to work.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| import argparse | |
| from exchangelib import Credentials, Account, Configuration | |
| from exchangelib.errors import ErrorNonExistentMailbox, UnauthorizedError | |
| def args(): | |
| parser = argparse.ArgumentParser() | |
| parser.add_argument("-c", "--creds", dest="creds", help="List of known valid user credentials in the format [email protected]:password", action='store', required=True) | |
| parser.add_argument("-t", "--target", dest="target", help="Target Exchange server.", action='store', required=True) | |
| args = parser.parse_args() |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Run with: | |
| # curl -skL https://git.io/JR3md | sudo bash | |
| #! /bin/bash | |
| if [ "$EUID" -ne 0 ] | |
| then echo "[-] Please run as root" | |
| exit | |
| fi | |
| # install the required services, pull docker the right docker for debian |
puzzlepeaches
/ usergen.py
Created
June 7, 2021 17:59
Really bad way of adding a letter after the first character in a username. Makes username validation a little easier if your client is using the format {f}{m}{last}@acme.com.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Usage: python3 usergen.py -f users.txt | tee modified-users.txt | |
| import string | |
| import argparse | |
| parser = argparse.ArgumentParser() | |
| parser.add_argument("--file", "-f", type=str, required=True) | |
| args = parser.parse_args() |
puzzlepeaches
/ subenum.sh
Created
July 28, 2020 21:32
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| bold="\e[1m" | |
| Underlined="\e[4m" | |
| red="\e[31m" | |
| green="\e[32m" | |
| blue="\e[34m" | |
| #grey="\e[90m" | |
| end="\e[0m" | |
| ugb="" |
NewerOlder