Skip to content

Instantly share code, notes, and snippets.

View st3rven's full-sized avatar
💭

sterven st3rven

💭
20 followers · 27 following
View GitHub Profile
@dru1d-foofus
dru1d-foofus / README.md
Last active May 21, 2024 23:56
CVE-2023-41444 - IREC.sys Vulnerability

CVE-2023-41444 - Binalyze IREC.sys Vulnerable Driver

Credits

Mike Alfaro (@_mmpte_software) and Tyler Booth (@tyler_dru1d)

Description

An issue in Binalyze IREC.sys v.3.11.0 and before allows a local attacker to execute arbitrary code and escalate privileges due to an improper DACL being applied to the device the driver creates.

Vulnerability Type

Incorrect Acess Control

@LuemmelSec
LuemmelSec / Get-SPVersionInfo.ps1
Last active December 9, 2024 10:08
Script to get SharePoint Version and release date remotely
# To use the function, call it like this:
# iex(new-object net.webclient).downloadstring("https://gist.githubusercontent.com/LuemmelSec/208b8ba52b645ec189031d2b5200f76e/raw/c6c1008da1b5670d3fb549578968c2a2f086a00b/Get-SPVersionInfo.ps1")
# Get-SPVersionInfo -ServerUrl "https://my-sharepointserver"
function Get-SPVersionInfo {
param (
[string]$ServerUrl,
[switch]$SkipCertificateCheck, # Flag to skip certificate checks
[switch]$SkipHttpErrorCheck # Flag to skip HTTP error handling
)
@nbk2000
nbk2000 / getSubsidiaries.py
Created December 24, 2024 23:36
Get Subsidiaries of a Company from SEC API
import requests
import sys
API_KEY = 'API-KEY-GOES-HERE'
# ANSI color codes
BLUE = '\033[94m'
RED = '\033[91m'
PURPLE = '\033[95m'
GREEN = '\033[92m'
@HackingLZ
HackingLZ / m365_osint_recon.py
Created August 7, 2025 16:28
#!/usr/bin/env python3
"""
M365 OSINT Reconnaissance Tool
Based on techniques from: https://dstreefkerk.github.io/2025-07-m365-email-osint-after-lockdown/
This script performs modern M365/Azure AD reconnaissance after Microsoft's lockdown of traditional
enumeration methods. It uses multiple validation techniques to discover organizational information
and attempts to infer MOERA domains.
"""