- Copy
bloodhound_owned.pyincme/modulesand reinstall CrackMapExecpython setup.py install pip install neo4j
cme smb 10.10.0.0/24 -d adsec.local -u jsnow -p Winter_is_coming_\! -M bloodhound_owned
mpgn
/ wifi-relay.sh
Created
November 2, 2020 11:01
— forked from 1mm0rt41PC/wifi-relay.sh
Wifi easy PEAP relay
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Wifi easy PEAP relay | |
| # | |
| # Author: 1mm0rt41PC - immortal-pc.info - https://github.com/1mm0rt41PC | |
| # | |
| # Ref: | |
| # - https://github.com/sensepost/hostapd-mana | |
| # - https://github.com/sensepost/wpa_sycophant | |
| # - https://sensepost.com/blog/2019/peap-relay-attacks-with-wpa_sycophant/ | |
| # - https://www.youtube.com/watch?v=eYsGyvGxlpI&feature=youtu.be&t=1052 |
mpgn
/ PowerView-3.0-tricks.ps1
Created
March 29, 2020 16:35
— forked from HarmJ0y/PowerView-3.0-tricks.ps1
PowerView-3.0 tips and tricks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/ | |
| # tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c | |
| # the most up-to-date version of PowerView will always be in the dev branch of PowerSploit: | |
| # https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1 | |
| # New function naming schema: | |
| # Verbs: | |
| # Get : retrieve full raw data sets | |
| # Find : ‘find’ specific data entries in a data set |
mpgn
/ railspwn.rb
Created
March 18, 2019 21:21
— forked from niklasb/railspwn.rb
Rails 5.1.4 YAML unsafe deserialization RCE payload
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'yaml' | |
| require 'base64' | |
| require 'erb' | |
| class ActiveSupport | |
| class Deprecation | |
| def initialize() | |
| @silenced = true | |
| end | |
| class DeprecatedInstanceVariableProxy |
mpgn
/ DigitalSignature-Hijack.ps1
Created
November 12, 2017 15:53
— forked from netbiosX/DigitalSignature-Hijack.ps1
Hijack Digital Signatures and Bypass Authenticode Hash Validation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| DigitalSignatureHijack v1.0 | |
| License: GPLv3 | |
| Author: @netbiosX | |
| #> | |
| # Validate Digital Signature for PowerShell Scripts | |
| function ValidateSignaturePS | |
| { | |
| $ValidateHashFunc = 'HKLM:\SOFTWARE\Microsoft\Cryptography' +'\OID\EncodingType 0\CryptSIPDllVerifyIndirectData' |
mpgn
/ ftpserver.py
Created
October 19, 2017 13:18
— forked from scturtle/ftpserver.py
simple ftp server by python
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| # coding: utf-8 | |
| import os,socket,threading,time | |
| #import traceback | |
| allow_delete = False | |
| local_ip = socket.gethostbyname(socket.gethostname()) | |
| local_port = 8888 | |
| currdir=os.path.abspath('.') |