Note: I did not author this, i found it somehwere.
- Tools
- Most common paths to AD compromise
- [GPO - Pivoting with Local Admin
mgraeber-rc
/ SimulateInternetZoneTest.ps1
Created
May 28, 2021 16:57
Example highlighting why attackers likely choose ISO/IMG as a delivery mechanism - it evades SmartScreen because Mark-of-the-Web (MOTW) cannot be applied to non NTFS volumes
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Add-Type -OutputAssembly hello.exe -TypeDefinition @' | |
| using System; | |
| public class Hello { | |
| public static void Main(string[] Args) { | |
| System.Console.WriteLine("Hello, world!"); | |
| System.Console.Read(); | |
| } | |
| } | |
| '@ |
ssstonebraker
/ Active Directory Attacks.md
Last active
November 16, 2025 11:51
Active Directory Attacks #oscp
royshil
/ downloadPDFs.py
Last active
March 22, 2020 01:27
Download All PDFs in a URL using Python mechanize
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This is kind-of based off of this: http://stackoverflow.com/questions/5974595/download-all-the-linksrelated-documents-on-a-webpage-using-python | |
| import cookielib | |
| import urllib2 | |
| import mechanize | |
| from time import sleep | |
| import os | |
| import cgi | |
| # A routine to download a file from a link, by simulating a click on it |
artttj
/ Python_Urllib_Basic_Auth_Query.py
Created
September 22, 2016 17:34
Python 3.4 Urllib Basic Auth: the script sends JSON data via POST request using HTTP Basic authentication and urllib.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import urllib.request | |
| import urllib.response | |
| userName = "user" | |
| passWord = "password" | |
| top_level_url = "http://127.0.0.1/api/update" | |
| # create an authorization handler | |
| p = urllib.request.HTTPPasswordMgrWithDefaultRealm() | |
| p.add_password(None, top_level_url, userName, passWord); |
unfo
/ how-to-oscp-final.md
Last active
October 11, 2025 18:26
skulltech
/ apk-embed-payload.rb
Last active
April 1, 2023 04:50
POC for injecting Metasploit payloads on arbitrary APKs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| # apk_backdoor.rb | |
| # This script is a POC for injecting metasploit payloads on | |
| # arbitrary APKs. | |
| # Authored by timwr, Jack64 | |
| # | |
| require 'nokogiri' | |
| require 'fileutils' |
tikolakin
/ fish_alias.md
Last active
February 17, 2025 10:33
Create alias in Fish shell and save this as a permanent function
Directly from CLI
alias x='exit'
funcsave x
or create a file in
~/.config/fish/functions
with name
kaito834
/ urllib-request_basicAuth.py
Last active
October 26, 2022 17:52
Python 3.x snippet code for Basic Authentication HTTP request by urllib.request
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # | |
| # I tested by Python 3.4.3 on Windows 8.1 | |
| # Python 3.4.3 (v3.4.3:9b73f1c3e601, Feb 24 2015, 22:43:06) [MSC v.1600 32 bit (Intel)] on win32 | |
| import urllib.request | |
| import getpass | |
| # If you access to url below via Proxy, | |
| # set environment variable 'http_proxy' before execute this. |
MaxMyalkin
/ MultiDexTestRunner.java
Last active
June 14, 2016 13:44
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public static void addTests(ClassLoader loader, TestSuite suite) { | |
| try { | |
| Class[] classes = getClasses("ru.mail.mailbox.cmd.server", loader); | |
| System.out.println("class size " + classes.length); | |
| for(Class clazz : classes) { | |
| for(Method method : clazz.getDeclaredMethods()) { | |
| for(Annotation annotation : method.getAnnotations()) { | |
| if(annotation instanceof MockMethod) { | |
| // suite.addTest(TestSuite.createTest(clazz, method.getName())); | |
| System.out.println("add method " + method.getName() + " for class " + clazz.getName()); |
kaito834
/ urllib-request-Request.py
Last active
May 29, 2024 20:27
Python 3: urllib.request and json sample
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # | |
| # tested by Python 3.4.3 on Windows 8.1 | |
| # Python 3.4.3 (v3.4.3:9b73f1c3e601, Feb 24 2015, 22:43:06) [MSC v.1600 32 bit (Intel)] on win32 | |
| # If you need to access web site/service via proxy, set http_proxy or https_proxy. | |
| # https://docs.python.org/3/library/urllib.request.html#urllib.request.ProxyHandler | |
| # set http_proxy=http://127.0.0.1:8888/ | |
| # set https_proxy=https://127.0.0.1:8888/ |
NewerOlder