With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module:
TarlogicSecurity
/ kerberos_attacks_cheatsheet.md
Created
May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0 | |
| 1 | |
| 11 | |
| 12 | |
| 13 | |
| 14 | |
| 15 | |
| 16 | |
| 17 | |
| 2 |
enigma0x3
/ Invoke-ExcelMacroPivot.ps1
Created
September 11, 2017 14:51
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Invoke-ExcelMacroPivot{ | |
| <# | |
| .AUTHOR | |
| Matt Nelson (@enigma0x3) | |
| .SYNOPSIS | |
| Pivots to a remote host by using an Excel macro and Excel's COM object | |
| .PARAMETER Target | |
| Remote host to pivot to | |
| .PARAMETER RemoteDocumentPath | |
| Local path on the remote host where the payload resides |
ryhanson
/ ExcelXLL.md
Last active
November 8, 2024 14:51
Execute a DLL via .xll files and the Excel.Application object's RegisterXLL() method
A DLL can be loaded and executed via Excel by initializing the Excel.Application COM object and passing a DLL to the RegisterXLL method. The DLL path does not need to be local, it can also be a UNC path that points to a remote WebDAV server.
When delivering via WebDAV, it should be noted that the DLL is still written to disk but the dropped file is not the one loaded in to the process. This is the case for any file downloaded via WebDAV, and they are stored at: C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\TfsStore\Tfs_DAV\.
The RegisterXLL function expects an XLL add-in which is essentially a specially crafted DLL with specific exports. More info on XLL's can be found on MSDN
The XLL can also be executed by double-clicking the .xll file, however there is a security warning. @rxwx has more notes on this here inc
NikolasTzimoulis
/ MachineLibrary.java
Created
May 31, 2012 20:44
A simple implementation of a Turing Machine in Java (which I wrote the night before a Theory of Computation exam instead of studying)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package tm; | |
| public final class MachinesLibrary | |
| { | |
| private MachinesLibrary() {} | |
| public static TuringMachine EqualBinaryWords() | |
| { | |
| TuringMachine newTM = new TuringMachine(); | |
| newTM.addState("q1"); |