├── .gitignore ├── CSharp ├── DisablePSLogging.cs └── PSReflection.cs ├── LICENSE ├── PowerShellScripts ├── Compress-File.ps1 ├── Convert-DirListingToTsv.ps1 ├── ConvertFrom-DsSchemaGuid.ps1 ├── Find-RegistrySecurityDescriptors.ps1 ├── Get-AppId.ps1 ├── Get-ChromeDump.ps1 ├── Get-DomainObjectAcl2.ps1 ├── Get-DotNetServices.ps1 ├── Get-ExplicitLogonEvents.ps1 ├── Get-FlattenedRegistryKey.ps1 ├── Get-GeneratedEvents.ps1 ├── Get-HostProfile.ps1 ├── Get-HttpWsusServers.ps1 ├── Get-KerberoastingHash.ps1 ├── Get-LdapCurrentUser.ps1 ├── Get-LoadedPInvokeFunctions.ps1 ├── Get-LogoffEvents.ps1 ├── Get-LogonEvents.ps1 ├── Get-LogonSession.ps1 ├── Get-LogonSessionProcesses.ps1 ├── Get-MailboxRules.ps1 ├── Get-NamedPipeServerProcess.ps1 ├── Get-SkypeStuff.ps1 ├── Invoke-SMBNegotiate.ps1 ├── New-ZipFolder.ps1 ├── Putty.ps1 ├── Start-EtwTrace.ps1 └── Start-ProcessAsUser.ps1 ├── README.md └── mythic ├── README.md ├── blockips.conf ├── clean.sh ├── common.sh ├── create_payload.py ├── hide_dead_callbacks.py ├── mythic-cert.crt ├── mythic-ssl.key └── start.sh /.gitignore: -------------------------------------------------------------------------------- 1 | **/*.bin 2 | -------------------------------------------------------------------------------- /CSharp/DisablePSLogging.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/CSharp/DisablePSLogging.cs -------------------------------------------------------------------------------- /CSharp/PSReflection.cs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/CSharp/PSReflection.cs -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/LICENSE -------------------------------------------------------------------------------- /PowerShellScripts/Compress-File.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Compress-File.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Convert-DirListingToTsv.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Convert-DirListingToTsv.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/ConvertFrom-DsSchemaGuid.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/ConvertFrom-DsSchemaGuid.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Find-RegistrySecurityDescriptors.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Find-RegistrySecurityDescriptors.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Get-AppId.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Get-AppId.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Get-ChromeDump.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Get-ChromeDump.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Get-DomainObjectAcl2.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Get-DomainObjectAcl2.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Get-DotNetServices.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Get-DotNetServices.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Get-ExplicitLogonEvents.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Get-ExplicitLogonEvents.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Get-FlattenedRegistryKey.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Get-FlattenedRegistryKey.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Get-GeneratedEvents.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Get-GeneratedEvents.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Get-HostProfile.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Get-HostProfile.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Get-HttpWsusServers.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Get-HttpWsusServers.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Get-KerberoastingHash.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Get-KerberoastingHash.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Get-LdapCurrentUser.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Get-LdapCurrentUser.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Get-LoadedPInvokeFunctions.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Get-LoadedPInvokeFunctions.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Get-LogoffEvents.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Get-LogoffEvents.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Get-LogonEvents.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Get-LogonEvents.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Get-LogonSession.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Get-LogonSession.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Get-LogonSessionProcesses.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Get-LogonSessionProcesses.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Get-MailboxRules.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Get-MailboxRules.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Get-NamedPipeServerProcess.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Get-NamedPipeServerProcess.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Get-SkypeStuff.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Get-SkypeStuff.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Invoke-SMBNegotiate.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Invoke-SMBNegotiate.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/New-ZipFolder.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/New-ZipFolder.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Putty.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Putty.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Start-EtwTrace.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Start-EtwTrace.ps1 -------------------------------------------------------------------------------- /PowerShellScripts/Start-ProcessAsUser.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/PowerShellScripts/Start-ProcessAsUser.ps1 -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Random 2 | Assorted scripts and one off things 3 | 4 | -------------------------------------------------------------------------------- /mythic/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/mythic/README.md -------------------------------------------------------------------------------- /mythic/blockips.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/mythic/blockips.conf -------------------------------------------------------------------------------- /mythic/clean.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/mythic/clean.sh -------------------------------------------------------------------------------- /mythic/common.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/mythic/common.sh -------------------------------------------------------------------------------- /mythic/create_payload.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/mythic/create_payload.py -------------------------------------------------------------------------------- /mythic/hide_dead_callbacks.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/mythic/hide_dead_callbacks.py -------------------------------------------------------------------------------- /mythic/mythic-cert.crt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/mythic/mythic-cert.crt -------------------------------------------------------------------------------- /mythic/mythic-ssl.key: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/mythic/mythic-ssl.key -------------------------------------------------------------------------------- /mythic/start.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/leechristensen/Random/HEAD/mythic/start.sh --------------------------------------------------------------------------------