Skip to content

Instantly share code, notes, and snippets.

View stormfleet's full-sized avatar

stormfleet stormfleet

12 followers · 16 following
View GitHub Profile
@lrckt
lrckt / obfuscar.xml
Created August 3, 2021 03:26
obfuscar configuration file for .net application
<?xml version='1.0'?>
<Obfuscator>
<Var name="InPath" value=".\bin\x64\\Release" />
<Var name="OutPath" value=".\Release_Obfuscated" />
<Var name="HidePrivateApi" value="true" />
<Var name="RenameProperties" value="true" />
<Var name="RenameFields" value="true" />
<Module file="$(InPath)\test.exe" />
</Obfuscator>
@jborean93
jborean93 / Get-ServiceCredential.ps1
Last active October 22, 2025 12:44
Get's the username and password for installed Windows services
# Copyright: (c) 2019, Jordan Borean (@jborean93) <[email protected]>
# MIT License (see LICENSE or https://opensource.org/licenses/MIT)
Function Get-ServiceCredential {
<#
.SYNOPSIS
Retrieve the username and plaintext password for all services installed on the local computer.
.DESCRIPTION
Will retrieve the username and plaintext password for the service(s) specified. This must be run as an
@TarlogicSecurity
TarlogicSecurity / kerberos_attacks_cheatsheet.md
Created May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

@3xocyte
3xocyte / rbcd_relay.py
Last active July 31, 2025 14:25
poc resource-based constrain delegation relay attack tool
#!/usr/bin/env python
# for more info: https://shenaniganslabs.io/2019/01/28/Wagging-the-Dog.html
# this is a *very* rough PoC
import SimpleHTTPServer
import SocketServer
import base64
import random
import struct
@smgorelik
smgorelik / Hollowing.cs
Last active September 5, 2023 14:12
Simple Process Hollowing C#
/***************
* Simple Process Hollowing in C#
*
* #Build Your Binaries
* c:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe Hollowing.cs /unsafe
*
* @author: Michael Gorelik <[email protected]>
* gist.github.com/smgorelik/9a80565d44178771abf1e4da4e2a0e75
* #Most of the code taken from here: @github: github.com/ambray
@neoplacer
neoplacer / fake_ftp.py
Created November 7, 2017 09:55
Fake FTP Server
#!/usr/bin/env python
# -*- coding: utf-8 -*-
"""
Fake FTP Server
~~~~~~~~~~~~~~~
This is a simple fake FTP daemon. It stores the login data (username and
password) given to it and then terminates the connection.
@xorrior
xorrior / wmic_cmds.txt
Last active October 25, 2025 16:57
Useful Wmic queries for host and domain enumeration
Host Enumeration:
--- OS Specifics ---
wmic os LIST Full (* To obtain the OS Name, use the "caption" property)
wmic computersystem LIST full
--- Anti-Virus ---
wmic /namespace:\\root\securitycenter2 path antivirusproduct
@Raikia
Raikia / One-liner Mimikatz Parser
Last active August 21, 2025 16:06
Assuming you have a mimikatz dump named "mimikatz_dump.txt", I made these bash one-liners that will reformat the mimikatz output to "domain\user:password"
First, before using these parsers, run: "dos2unix mimikatz_dump.txt"
Mimikatz 1.0:
cat mimikatz_dump.txt | grep -P '((Utilisateur principal)|(msv1_0)|(kerberos)|(ssp)|(wdigest)|(tspkg))\s+:\s+.+' | grep -v 'n\.' | sed -e 's/^\s\+[^:]*:\s\+//' | sed -e 's/Utilisateur principal\s\+:\s\+\(.*\)$/\n\1/' | sort -u
Mimikatz 2.0 (unfortunately, you must "apt-get install pcregrep" because reasons):
@alirobe
alirobe / reclaimWindows10.ps1
Last active December 6, 2025 06:24
This Windows 10 Setup Script turns off a bunch of unnecessary Windows 10 telemetery, bloatware, & privacy things. Not guaranteed to catch everything. Review and tweak before running. Reboot after running. Scripts for reversing are included and commented. Fork of https://github.com/Disassembler0/Win10-Initial-Setup-Script (different defaults). N.…
###
###
### UPDATE: For Win 11, I recommend using this tool in place of this script:
### https://christitus.com/windows-tool/
### https://github.com/ChrisTitusTech/winutil
### https://www.youtube.com/watch?v=6UQZ5oQg8XA
### iwr -useb https://christitus.com/win | iex
###
### OR take a look at
### https://github.com/HotCakeX/Harden-Windows-Security
@zmwangx
zmwangx / # Official Windows VM download URL archive.md
Last active November 15, 2025 02:46
Official Windows VM download URL archive, from https://dev.modern.ie/tools/vms/mac/ — scratch that — https://developer.microsoft.com/en-us/microsoft-edge/api/tools/vms/