m4l3n1c3 blacklabssecurity

@blacklabssecurity
blacklabssecurity / log-all-zsh-bash-commands-syslog.md
Last active September 9, 2021 17:50 — forked from dayreiner/log-all-zsh-bash-commands-syslog.md
Log all users zsh / bash commands via syslog without 3rd-party tools or auditd

Sending Bash and ZSH Commands to Syslog

Also posted here: http://18pct.com/sending-bash-and-zsh-commands-to-syslog/

Your bash/zsh history is great if it's complete, but it doesn't capture commands across all users, sudo invocations, root commands, etc. In test environments in particular, someone may perform a "one-off" procedure that needs to be repeated months later. It would be nice to be able to look up what the user did at the time, and searching through multiple, possibly truncated history files is a pain.

Tools like typescript are great if you're actively documenting, but they are not something you would use all the time in practice, and they capture more than just a history of your commands. There are third-party tools like rootsh and Snoopy that can accomplish this, but third-party tools can be overkill if all you want is a quick reference in a re

Command to run:
ssh -L 2222:localhost:8501 [email protected]
where 2222 is the local port mapping; it can be any number above 1000
where localhost must be set to localhost and refers to your current connection
where 8501 is the port you will be opening up on the remote machine
where [email protected] is the first hop in your quest for internal access
using System;
using System.Net;
using System.Diagnostics;
using System.Reflection;
using System.Configuration.Install;
using System.Runtime.InteropServices;
/*
Author: Casey Smith, Twitter: @subTee
License: BSD 3-Clause
blacklabssecurity / systemBaseline.bat
Last active September 7, 2018 17:29
Windows Batch used to create system baselines
@ECHO OFF
@REM Logic used to create system baselines and output to log files
@REM Requires elevated privileges
@SETLOCAL ENABLEDELAYEDEXPANSION
@REM Use WMIC to retrieve date and time
@ECHO OFF
for /f %%x in ('wmic path win32_localtime get /format:list ^| findstr "="') do set %%x
set TODAY=%Month%-%Day%-%Year%
blacklabssecurity / static-dhcp.bat
Created September 4, 2018 19:25
Used to set static & dhcp through WinCMDLine
@echo off
REM Logic used to set either static or dhcp address through cmd line on Windows
echo Choose:
echo [A] Set Static IP
echo [B] Set DHCP
echo.
REM Logic to establish a choice with default value of A
:choice
SET /P C=[A,B]?
blacklabssecurity / yes_no_func.sh
Created September 2, 2018 23:41
Yes / No Function for bash
#!/bin/bash
# This is a general-purpose function to ask Yes/No questions in Bash, either
# with or without a default answer. It keeps repeating the question until it
# gets a valid answer.
ask() {
local prompt default reply
while true; do
blacklabssecurity / ipv4Configuration.sh
Last active September 2, 2018 23:39
Used to change a Debian Linux system between static and dynamic addressing
#!/bin/bash
dhcp_func () {
echo "Let's configure your IPv4 DHCP configuration."
sed -i 's|static|dhcp|g' /etc/network/interfaces
# Check the file with grep (the file itself is not executable input for a pipe)
if grep -q "address" /etc/network/interfaces; then
sed -i 's|address.*|#address|g' /etc/network/interfaces
fi
if grep -q "netmask" /etc/network/interfaces; then
blacklabssecurity / systemBaselineCreation.sh
Last active September 2, 2018 23:03
System Baseline Creation - Debian
#!/bin/bash
# Used to create a system baseline and output results for analysis and past comparison
# date creation for log file naming
today=$(date '+%Y_%m_%d')
# Creating the log directory (-p so a re-run does not fail and leave logdir unset)
logdir=/var/log/systemBaseline
mkdir -p "$logdir"
@ECHO OFF
REM **********************************************************************
REM Name: SNAPSHOT.BAT
REM Version: 3.3
REM Date: 2.Apr.2013
REM Author: Jason Fossen (http://www.sans.org/windows-security/)
REM Purpose: Dumps a vast amount of configuration data for the sake
REM of auditing and forensics analysis. Compare snapshot
REM files created at different times to extract differences.
REM Usage: Place the script into a directory where it is safe to
blacklabssecurity / breachcompilation.txt
Created December 20, 2017 21:34
1.4 billion password breach compilation wordlist
wordlist created from original 41G stash via:
grep -rohP '(?<=:).*$' | uniq > breachcompilation.txt
Then, compressed with:
7z a breachcompilation.txt.7z breachcompilation.txt
Size: