tijme
/ Get-EffectiveNetworkShareAccess.ps1
Created
May 26, 2021 20:12
Get the effective network share access for a specific domain user. Identify which ACL entry/rule matches for the given or current user.
tijme
/ Get-AllADGroupUsersRecursively.ps1
Last active
February 20, 2023 11:52
This function will return all domain users in the specified group, including recursive memberships. This also includes users in special groups such as the "Domain Users" group. Users are part of special groups via the SID instead of the members attribute. Therefore `Get-ADGroupMembers -Recursive` doesn't return users in these special groups.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Function Get-AllADGroupUsersRecursively { | |
| <# | |
| .SYNOPSIS | |
| This script will identify all AD users in a specific group recursively (including special groups such as "Domain Users"). | |
| .DESCRIPTION | |
| This script will identify all AD users in a specific group recursively (including special groups such as "Domain Users"). | |
| .NOTES | |
| Name: Get-AllADGroupUsersRecursively |
tijme
/ DriverObject->MajorFunction.txt
Created
January 8, 2023 10:55
DriverObject MajorFunction offsets
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Name Array index from 0x0 Func index from 0x0 Array index from 0x70 Func index from 0x70 | |
| ------------------------------- ---------------------- --------------------- ----------------------- ---------------------- | |
| IRP_MJ_CREATE 0x0, 0 0x0, 0 0x70, 112 0x70, 112 | |
| IRP_MJ_CREATE_NAMED_PIPE 0x1, 1 0x8, 8 0x71, 113 0x78, 120 | |
| IRP_MJ_CLOSE 0x2, 2 0x10, 16 0x72, 114 0x80, 128 | |
| IRP_MJ_READ 0x3, 3 0x18, 24 0x73, 115 0x88, 136 | |
| IRP_MJ_WRITE 0x4, 4 0x20, 32 0x74, 116 0x90, 144 | |
| IRP_MJ_QUERY_INFORMATION 0x5, 5 0x28, 40 0x75, 117 0x98, 152 | |
| IRP_MJ_SET_INFORMATION 0x6, 6 0x30, 48 |
tijme
/ pfx2john.py
Created
June 7, 2023 18:51
Python3 version of `pfx2john.py` from John the Ripper
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # coding: utf-8 | |
| """ | |
| Modified for JtR by Dhiru Kholia in July, 2016 | |
| Copyright (c) 2015 Will Bond <[email protected]> | |
| Permission is hereby granted, free of charge, to any person obtaining a copy of | |
| this software and associated documentation files (the "Software"), to deal in |
OlderNewer