Parse the kubernetes manifest in yaml or json, don't care a manifest type.
Examples:
package main
import (
"bytes"
"context"
Dliv3
/ az-enum.sh
Created
August 20, 2025 03:23
— forked from iknowjason/az-enum.sh
Azure Enum & Recon Cheat Sheet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Start with a DNS domain as seed, and do some recon to check if domain is M365 / Azure tenant hosted | |
| # Insert your domain environment variable below | |
| DOMAIN="microsoft.com" | |
| # Check the getuserrealm.srf endpoint for domain information | |
| # Check autodiscover.$DOMAIN DNS entry | |
| host autodiscover.$DOMAIN | |
| # Note: Checks autodiscover forward lookup ~ you should see a CNAME record for autodiscover.$DOMAIN pointing to autodiscover.otulook.com |
Dliv3
/ download_fusion.sh
Created
August 13, 2025 03:37
— forked from jetfir3/download_fusion.sh
Download VMware Fusion Pro Without a Broadcom Account
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # Download VMware Fusion for macOS without a Broadcom account. | |
| # | |
| # This script allows you to download various versions of VMware Fusion | |
| # from Broadcom's Cloudflare CDN (versions 8.0.0 to 13.6.3) | |
| # or from the archive.org VMware Workstation archive (versions 8.x.x+). | |
| # | |
| # Options: | |
| # -k: Keep the downloaded file compressed (Cloudflare only; ignored for archive.org). |
Dliv3
/ client-go-parse-yaml.md
Created
February 21, 2025 09:00
— forked from pytimer/client-go-parse-yaml.md
Dliv3
/ main.cpp
Created
February 8, 2025 03:40
— forked from monoxgas/main.cpp
Adapative DLL Hijacking - Stability Hooking
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <Windows.h> | |
| #include <intrin.h> | |
| #include <string> | |
| #include <TlHelp32.h> | |
| #include <psapi.h> | |
| DWORD WINAPI Thread(LPVOID lpParam) { | |
| // Insert evil stuff | |
| ExitProcess(0); |
Dliv3
/ Source.cpp
Created
December 7, 2023 10:35
— forked from mgeeky/Source.cpp
Thread Execution via NtCreateWorkerFactory
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <Windows.h> | |
| #include <winternl.h> | |
| #include <stdio.h> | |
| #define WORKER_FACTORY_FULL_ACCESS 0xf00ff | |
| // https://github.com/winsiderss/systeminformer/blob/17fb2e0048f062a04394c4ccd615b611e6ffd45d/phnt/include/ntexapi.h#LL1096C1-L1115C52 | |
| typedef enum _WORKERFACTORYINFOCLASS | |
| { | |
| WorkerFactoryTimeout, // LARGE_INTEGER |
Dliv3
/ decryptKerbTicket.py
Created
July 30, 2023 05:47
— forked from tothi/decryptKerbTicket.py
Decrypt kerberos tickets and parse out authorization data
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # NOTE: this script was created for educational purposes to assist learning about kerberos tickets. | |
| # Likely to have a few bugs that cause it to fail to decrypt some TGT or Service tickets. | |
| # | |
| # Recommended Instructions: | |
| # Obtain valid kerberos tickets using Rubeus or mimikatz "sekurlsa::tickets /export" | |
| # Optionally convert tickets to ccache format using kekeo "misc::convert ccache <ticketName.kirbi>" | |
| # Obtain appropriate aes256 key using dcsync (krbtgt for TGT or usually target computer account for Service Ticket) | |
| # Run this script to decrypt: | |
| # ./decryptKerbTicket.py -k 5c7ee0b8f0ffeedbeefdeadbeeff1eefc7d313620feedbeefdeadbeefafd601e -t ./[email protected][email protected] |
Dliv3
/ unwxapkg.py
Created
April 13, 2023 10:44
— forked from Integ/unwxapkg.py
A useful tool for unpack wxapkg file with python3 surport.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # coding: utf-8 | |
| # py2 origin author lrdcq | |
| # usage python3 unwxapkg.py filename | |
| __author__ = 'Integ: https://github.com./integ' | |
| import sys, os | |
| import struct | |
| class WxapkgFile(object): |
Dliv3
/ esc1.ps1
Created
February 23, 2023 04:47
— forked from b4cktr4ck2/esc1.ps1
PowerShell script to exploit ESC1/retrieve your own NTLM password hash.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Thank you @NotMedic for troubleshooting/validating stuff! | |
| $password = Read-Host -Prompt "Enter Password" | |
| #^^ Feel free to hardcode this for running in a beacon/not retyping it all the time! | |
| $server = "admin" #This will just decide the name of the cert request files that are created. I didn't want to change the var name so it's server for now. | |
| $CERTPATH = "C:\Users\lowpriv\Desktop\" #Where do you want the cert requests to be stored? | |
| $CAFQDN = "dc01.alexlab.local" #hostname of underlying CA box. | |
| $CASERVER = "alexlab-dc01-ca" #CA name. | |
| $CA = $CAFQDN + "\" + $CASERVER |
Dliv3
/ PatchExtract.ps1
Created
November 11, 2022 13:42
— forked from wumb0/PatchExtract.ps1
a gist copy of patch extract by Greg Lanaris
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| ____ ______ ______ ____ __ __ | |
| /\ _`\ /\ _ \ /\__ _\/\ _`\ /\ \/\ \ | |
| \ \ \L\ \\ \ \L\ \\/_/\ \/\ \ \/\_\\ \ \_\ \ | |
| \ \ ,__/ \ \ __ \ \ \ \ \ \ \/_/_\ \ _ \ | |
| \ \ \/ \ \ \/\ \ \ \ \ \ \ \L\ \\ \ \ \ \ | |
| \ \_\ \ \_\ \_\ \ \_\ \ \____/ \ \_\ \_\ | |
| \/_/ \/_/\/_/ \/_/ \/___/ \/_/\/_/ | |
Dliv3
/ delta_patch.py
Created
November 11, 2022 13:42
— forked from wumb0/delta_patch.py
a script for applying MS patch deltas
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from ctypes import (windll, wintypes, c_uint64, cast, POINTER, Union, c_ubyte, | |
| LittleEndianStructure, byref, c_size_t) | |
| import zlib | |
| # types and flags | |
| DELTA_FLAG_TYPE = c_uint64 | |
| DELTA_FLAG_NONE = 0x00000000 | |
| DELTA_APPLY_FLAG_ALLOW_PA19 = 0x00000001 |
NewerOlder