Skip to content

Instantly share code, notes, and snippets.

View sysgoblin's full-sized avatar
:octocat:
🤙

Chris Bayliss sysgoblin

:octocat:
🤙
31 followers · 15 following
View GitHub Profile
@sysgoblin
sysgoblin / keybase.md
Created February 19, 2020 10:58

Keybase proof

I hereby claim:

  • I am sysgoblin on github.
  • I am sysg0blin (https://keybase.io/sysg0blin) on keybase.
  • I have a public key ASD0Jhe7R2wvFlYnh2DdVeCKo38UaLEnjQYYVmIhnv3ZpAo

To claim this, I am signing this object:

@sysgoblin
sysgoblin / SMB3LanScan.ps1
Last active March 11, 2020 16:42
CVE-2020-0796 LAN scanner
# for PoSh v7+
# requires appropriate privileges and network access
# change "1..250" and "10.0.0." to scan the range you want
1..250 | ForEach-Object -Parallel {
try {
$h = (Resolve-DnsName "10.0.0.$_" -ErrorAction Break).NameHost
$os = Get-CimInstance -computername $h -Query "Select CSName, BuildNumber from Win32_OperatingSystem" -ErrorAction Break
if ([int]$os.BuildNumber -ge 18362) { # 18362 = 1903, 18363 = 1909
dir "\\$($h)\c$" | out-null # open smb connection to remote host
@sysgoblin
sysgoblin / gist:4363d475f4cf077a37172bff9d3f6fe8
Created April 23, 2020 21:02
commercial phish kit domains 2020-04-23
# 16Shop
account-securityid-accesslmted.cafieajf.com [email protected], admin.16shop.co
amazon.co.jp.1ad6332e10f94e94ca940de69248.info [email protected], [email protected]
amazonalert.ddns.net
amazonsecurityaccount.mailservactiongolf2.com [email protected], [email protected]
amznupdates-verificationrequired.com [email protected], [email protected]
app.sign.in.amazon.jp.langf-jp.3ov.b.cusnevama.com [email protected], [email protected]
appaypal-accountverification.gleeze.com [email protected], [email protected]
apple-accountsignin-verification.com [email protected], [email protected]
appledetailsinformation.attachementmeappconfirm.com
@sysgoblin
sysgoblin / gist:7bc6fc9d1c151f7215e576fab09cebc4
Created April 24, 2020 21:19
commercial phishing panels 2020-04-24
[16Shop] 104.248.55.11 web.verify-acc.amz2020.app-lockedaccesverifed000.com [email protected], [email protected]
[16Shop] 104.31.64.248 appleupdates-verificationrequired.com [email protected], [email protected]
[16Shop] 134.122.1.92 web.amazon.aws.services-auth-follow.loginsupport.org [email protected], [email protected]
[16Shop] 157.230.126.157 billingsecure.amazon.com.dsabekogia.com [email protected], [email protected]
[16Shop] 161.117.250.188 auth-verify.paypal.idwebscr.webapps23687618.tempekjaran1.com [email protected], [email protected]
[16Shop] 162.144.98.230 manage-secure.information-paypal.gaspolinaja.com [email protected], [email protected]
[16Shop] 162.144.98.230 secure-paypal.bangetdivorce.com [email protected], [email protected]
[16Shop] 162.214.49.197 authorized2-signin-amazon.camdvr.org
[16Shop] 162.214.50.13 signin-webrecovery-br8eapple.serveuser.com [email protected], resultmrsukarelap
@sysgoblin
sysgoblin / commercial phishing kits 2020-04-26.md
Created April 26, 2020 17:17
Kit Domain Threat Actor Emails
16Shop account-security.ideeprince.com [email protected], [email protected]
16Shop amaz0n.develop01managing-6540982nc.com [email protected], [email protected]
16Shop amaz0n.openaccesslogin.com [email protected], [email protected]
16Shop amazon-s.xyz [email protected], [email protected]
16Shop appaypal-accountloginverification.gleeze.com [email protected], [email protected]
16Shop appaypal-accountloginverificationreq.gleeze.com [email protected], [email protected]
16Shop appaypal-accountloginverify.gleeze.com [email protected], [email protected]
16Shop appaypal-accountverificationreq.gleeze.com
@sysgoblin
sysgoblin / commercial_phishing_kits-2020-04-27.csv
Created April 27, 2020 12:33
Commercial Phishing Kits - 2020-04-27
kit domain emails
16Shop appstore-noticeaccount.appsteasm-32.com [email protected] [email protected]
16Shop manage-appidaccount.informationupdate.srxxxsrvce.com [email protected] [email protected]
16Shop amaz0n.develop01managing-6540982nc.com [email protected] [email protected]
16Shop amaz0n.openaccesslogin.com [email protected] [email protected]
16Shop webaccess-secure-service.webaccountmanagement-amazon.com [email protected] [email protected]
16Shop verification.account-system.paypal.dhrgagov.com [email protected] [email protected]
16Shop verification.account-system.paypal.dgrxx.com [email protected] [email protected]
16Shop verification.account-system.paypal.downloadxch.com [email protected] [email protected]
16Shop verification.account-system.paypal.drenorge.com [email protected] [email protected]
@sysgoblin
sysgoblin / commercial_phishing_kits-2020-04-28.csv
Created April 28, 2020 12:38
Commercial Phishing Kits - 2020-04-28 (detected/generated by @PhishingReel)
kit domain emails
16Shop login.paypal.support.payment-verify404.mailconfirmation-page.com [email protected] [email protected]
16Shop appstore.apple.appleid.stevewas.com [email protected] [email protected]
16Shop web.page.amazon.security.clients-verification.page [email protected] [email protected]
16Shop amazon-secure-signed-in-uknown-access-from-unauthorise-device.mueiuk1.com [email protected] admin@silentisgold
16Shop web-intlpaypal.com.dwarmek.com [email protected] [email protected]
16Shop sign-ins-theacc-tru2vrf-lognsapple.grupphy-dragons1.com [email protected] [email protected]
16Shop paypal.verification.account.erdosjobs.com [email protected] [email protected]
16Shop my-last-day-activity-and-changed-password-today.wanguk13.com [email protected] [email protected]
16Shop managesaccounts.paypall.com.srvcelive.com [email protected] [email protected]
@sysgoblin
sysgoblin / commercial_phishing_kits-2020-04-29.csv
Created April 29, 2020 12:00
Commercial Phishing Kits - 2020-04-29 (detected/generated by @PhishingReel)
kit domain emails
16Shop ys2dk.informationwdj-updatesk2.xk8skvswav.com [email protected] [email protected]
16Shop mail-secure.information-dataaccount.casvasjnd.com [email protected] [email protected]
16Shop mail-helpdesk-updateaccount.kauharraku.com [email protected] [email protected]
16Shop web.amazon.aws.services-auth-follow.moreactions.org None
16Shop webamazon.services-auth-follows.secure-navi-info.com None
16Shop web.amazon.aws.services-auth-follow.action-secure.com None
16Shop suspicious-login-managepaypal.com [email protected] [email protected]
16Shop suspicious-login-managepaypal.com [email protected] [email protected]
16Shop web.amazon.aws-services-auth-follow.yenibarunih.net [email protected] [email protected]
@sysgoblin
sysgoblin / commercial_phishing_kits-2020-04-30.csv
Created April 30, 2020 12:00
Commercial Phishing Kits - 2020-04-30 (detected/generated by @PhishingReel)
kit domain emails
16Shop amazon.co.jp.cc3be9d70d0fc9851b588b1d6.net [email protected] [email protected]
16Shop paypalidsecurity.ga None
16Shop secure.verification-account-center.apps-accountupdate.com [email protected] [email protected]
16Shop authorized-access-account-signin.camdvr.org None
16Shop ecs-service.accountfeedback.callpans.com [email protected] [email protected]
16Shop tru2vrfy-acc1es-forthelog-ins-phaypals.buktidomain2.com [email protected] [email protected]
16Shop tru2vrfy-acc2ess-the-forsign-ins-phaypalls.buktidomain9.com [email protected] [email protected]
16Shop appaypal-loginaccountverifications.gleeze.com None
16Shop amzn-baokbaokbatanangsanak-asek21.com None
@sysgoblin
sysgoblin / commercial_phishing_kits-2020-05-01.csv
Created May 1, 2020 12:00
Commercial Phishing Kits - 2020-05-01 (detected/generated by @PhishingReel)
kit domain emails
16Shop secure1amazonpay.com-b07984jn3l.camdvr.org [email protected] [email protected]
16Shop auth.amazin.customer.verificationcenter.com.suse-amz.com None
16Shop cg-summaryinformation.com.czgorun.com None
16Shop mhbavsdasdikugasdk.amazon.com-aujkysfgd.dipaksamau.com None
16Shop amazonsecurityaccount.bestdaysecong.com [email protected] [email protected]
16Shop web.page.amazon.account.clientt-verification.info [email protected] [email protected]
16Shop web.page.amazon.verification.users-update.info [email protected] [email protected]
16Shop manage-authaccount-servicelimitedinc042.splash9348.com [email protected] [email protected]
16Shop web-intlpaypal.com.liriklaguapakabarsayang.com [email protected] [email protected]