These are some notes I put together on butchering the rectangular dishy cable.
FOLLOW THESE GUIDELINES AT YOUR OWN RISK. I TAKE NO RESPONSIBILITY FOR ANY DAMAGE OR INJURY YOU SUSTAIN FROM FOLLOWING OR NOT FOLLOWING THESE GUIDELINES.
| Rough summary of developing BadRabbit info |
| ------------------------------------------ |
| BadRabbit is locally-self-propagating ransomware (ransom: 0.05 BTC), spreading via SMB once inside. |
| Requires user interaction. |
| Mostly targeting Russia and Ukraine so far, with a few others (Germany, Turkey, Bulgaria, Montenegro ...) |
| Not globally self-propagating, but could be inflicted on selected targets on purpose. |
| May be part of the same group targeting Ukraine generally (BACKSWING) (per FireEye) |
| Confirmed to use the ETERNALROMANCE exploit, and the same source code and build chain as NotPetya (per Talos) |
| Mitigations are similar to Petya/NotPetya resistance. An inoculation is also available (see below). |
```powershell
# Event ID 4776 = NTLM credential validation on the DC. Ruler uses the literal
# workstation name "RULER" by default, so look for it in the event message.
Get-EventLog -InstanceId 4776 -LogName "Security" | ForEach-Object {
    $sp = $_.message -split "`n"
    $tmp = $sp | Select-String -Pattern 'RULER'
    if ($tmp.count -ge 1) {
        Write-Host "Possible Ruler usage at: " $_.TimeGenerated
        # Print the account that was being validated in that event
        $sp | Select-String -Pattern 'Logon Account:' | Write-Host
    }
}
```
```powershell
# Powershell script to bypass UAC on Vista+ assuming
# there exists one elevated process on the same desktop.
# Technical details in:
# https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-1.html
# https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-2.html
# https://tyranidslair.blogspot.co.uk/2017/05/reading-your-way-around-uac-part-3.html
# You need to Install-Module NtObjectManager for this to run.
Import-Module NtObjectManager
```
Product: Sagitta Brutalis 1080 (PN S3480-GTX-1080-2697-128)
Software: Hashcat v3.00-beta-145-g069634a, Nvidia driver 367.18
Accelerator: 8x Nvidia GTX 1080 Founders Edition
```bash
# Adapted from https://developers.yubico.com/ykneo-openpgp/ResetApplet.html
# Each "scd apdu 00 20 00 8x ..." is a VERIFY with a deliberately wrong 8-byte
# PIN ("@@@@@@@@"): P2=81 targets the user PIN (PW1), P2=83 the admin PIN (PW3).
# Repeated failures exhaust the retry counters, which the reset procedure requires.
gpg-connect-agent <<EOF
/hex
scd serialno
scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
```
```powershell
#region Scriptblocks that will execute upon alert trigger
$LateralMovementDetected = {
    $Event = $EventArgs.NewEvent
    $EventTime = [DateTime]::FromFileTime($Event.TIME_CREATED)
    $MethodName = $Event.MethodName
    $Namespace = $Event.Namespace
    $Object = $Event.ObjectPath
    $User = $Event.User
```
```bash
#!/bin/bash
set -e # bail on errors
# Make sure your shell history isn't saved
hsback=$HISTFILE
unset HISTFILE
echo "Enter your current PIN - leave blank if default:"
read -r oldpin
```