Skip to content

Instantly share code, notes, and snippets.

View secdev02's full-sized avatar

Casey secdev02

9 followers · 0 following
View GitHub Profile
@secdev02
secdev02 / InterceptorThing.ps1
Created December 15, 2023 02:38 — forked from xenoscr/InterceptorThing.ps1
Interceptor - Normal User No Admin Required.
<#
.SYNOPSIS
This script demonstrates the ability to capture and tamper with Web sessions.
For secure sessions, this is done by dynamically writing certificates to match the requested domain.
This is only proof-of-concept, and should be used cautiously, to demonstrate the effects of such an attack.
This script requires local administrative privileges to execute properly.
Function: Interceptor
Author: Casey Smith, Twitter: @subTee
@secdev02
secdev02 / CertificateCloning.ps1
Created December 15, 2023 18:41 — forked from mattifestation/CertificateCloning.ps1
The steps required to clone a legitimate certificate chain and sign code with it.
# We'll just store the cloned certificates in current user "Personal" store for now.
$CertStoreLocation = @{ CertStoreLocation = 'Cert:\CurrentUser\My' }
$MS_Root_Cert = Get-PfxCertificate -FilePath C:\Test\MSKernel32Root.cer
$Cloned_MS_Root_Cert = New-SelfSignedCertificate -CloneCert $MS_Root_Cert @CertStoreLocation
$MS_PCA_Cert = Get-PfxCertificate -FilePath C:\Test\MSKernel32PCA.cer
$Cloned_MS_PCA_Cert = New-SelfSignedCertificate -CloneCert $MS_PCA_Cert -Signer $Cloned_MS_Root_Cert @CertStoreLocation
$MS_Leaf_Cert = Get-PfxCertificate -FilePath C:\Test\MSKernel32Leaf.cer
@secdev02
secdev02 / DevelopmentCertificateAuthority.psm1
Created December 15, 2023 20:15 — forked from jrotello/DevelopmentCertificateAuthority.psm1
A PowerShell module to ease creating a certificate authority and intermediate authority for development purposes
function New-SelfSignedRootCertificate {
[CmdletBinding()]
param(
[Parameter(Mandatory = $true)]
[string] $Name,
[Parameter(Mandatory = $true)]
[string] $CertStoreLocation,
[Parameter()]
@secdev02
secdev02 / modsqrt.py
Created January 11, 2024 15:02 — forked from nakov/modsqrt.py
mod_sqrt - Python 3 implementation
def modular_sqrt(a, p):
def legendre_symbol(a, p):
""" Compute the Legendre symbol a|p using
Euler's criterion. p is a prime, a is
relatively prime to p (if p divides
a, then a|p = 0)
Returns 1 if a has a square root modulo
p, -1 otherwise.
@secdev02
secdev02 / primes.py
Created January 11, 2024 15:18 — forked from B45i/primes.py
Python list containing first 10,000 prime numbers
primes = [ 2, 3, 5, 7, 11, 13, 17, 19, 23, 29,
31, 37, 41, 43, 47, 53, 59, 61, 67, 71,
73, 79, 83, 89, 97, 101, 103, 107, 109, 113,
127, 131, 137, 139, 149, 151, 157, 163, 167, 173,
179, 181, 191, 193, 197, 199, 211, 223, 227, 229,
233, 239, 241, 251, 257, 263, 269, 271, 277, 281,
283, 293, 307, 311, 313, 317, 331, 337, 347, 349,
353, 359, 367, 373, 379, 383, 389, 397, 401, 409,
419, 421, 431, 433, 439, 443, 449, 457, 461, 463,
467, 479, 487, 491, 499, 503, 509, 521, 523, 541,
@secdev02
secdev02 / scriptlet.md
Created February 1, 2024 19:33 — forked from cure53/scriptlet.md
The Scriptless Scriptlet - Or how to execute JavaScript from CSS in MSIE11 without using Scripts

The Scriptless Scriptlet

Or how to execute JavaScript from CSS in MSIE11 without using Scripts

Stop! This text is only interesting for you if you...

  • Like popping alerts in weird situations
  • Miss CSS expressions as much as we do
  • Have an unhealthy obsession for markup porn

Introduction

@secdev02
secdev02 / Numbers.Xml
Last active February 9, 2024 19:55 — forked from leoloobeek/Numbers.Xml
XSLT C# Examples
<?xml version='1.0'?>
<data>
<circle>
<radius>12</radius>
</circle>
<circle>
<radius>37.5</radius>
</circle>
</data>
@secdev02
secdev02 / Provision-TestLabDC.ps1
Created February 12, 2024 14:50 — forked from mortenya/Provision-TestLabDC.ps1
A PowerShell script to provision a DC with DNS and DHCP from a Server Core install
<#
This is an attempt at a script to provision a DC VM in a disposable testlab
This will also set the DC as authoritative time source, DHCP, and DNS server
Windows Server® 2012 and 2012 R2 Core Network Guide
https://gallery.technet.microsoft.com/Windows-Server-2012-and-7c5fe8ea
#>
# rename the computer and reboot, this isn't needed if using Vagrant
#Rename-Computer -NewName newhost -Restart -Force
@secdev02
secdev02 / Test-AdDnsRR.ps1
Created February 13, 2024 18:26 — forked from JaekelEDV/Test-AdDnsRR.ps1
Powershell script checking for AD-relevant DNS Resource Records in DNS
#This script checks if all AD-relevant SRV-Records exist in DNS. Also it looks for netlogon.dns and the A-Record for the DC.
$Domain = (Get-ADDomain).DNSRoot
$DCName = (Get-ADDomainController).Name
$msdcs = (Get-DnsServerResourceRecord -ZoneName _msdcs.$Domain -RRType Srv)
$ARR = (Get-DnsServerResourceRecord -ZoneName $Domain -RRType A)
$PDC = [string] "_ldap._tcp.pdc"
$GC = [string] "_ldap._tcp.gc"
$KDC = [string] "_kerberos._tcp.dc"
$DC = [string] "_ldap._tcp.dc"
@secdev02
secdev02 / XZ Backdoor Analysis
Created March 31, 2024 12:38 — forked from smx-smx/XZ Backdoor Analysis
[WIP] XZ Backdoor Analysis and symbol mapping
XZ Backdoor symbol deobfuscation. Updated as i make progress