Skip to content

Instantly share code, notes, and snippets.

View t94j0's full-sized avatar
🤠
Breaking something or building something. It's all the same anyways

Max Harley t94j0

🤠
Breaking something or building something. It's all the same anyways
236 followers · 286 following
View GitHub Profile
@t94j0
t94j0 / ClipSP.sys.mermaid
Created March 7, 2025 17:59
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@t94j0
t94j0 / pyproject-footer.toml
Created February 25, 2025 20:41
pyproject.toml for uv
@t94j0
t94j0 / Get-Hashes.ps1
Created July 26, 2024 22:07
You need it every once in a while
Get-ChildItem -Recurse -File | Select-Object @{Name="FileName";Expression={$_.Name}}, @{Name="MD5";Expression={(Get-FileHash $_.FullName -Algorithm MD5).Hash}}, @{Name="SHA256";Expression={(Get-FileHash $_.FullName -Algorithm SHA256).Hash}} | Export-Csv -Path "FileHashes.csv" -NoTypeInformation; Import-Csv "FileHashes.csv" | Format-Table -AutoSize
@t94j0
t94j0 / ADExplorerSnapshot.bt
Last active July 8, 2024 02:39
ADExplorer Snapshot - 010 Editor Parsed
//------------------------------------------------
//--- 010 Editor v2.0 Binary Template
//
// File: ADExplorerSnapshot.bt
// Authors: Max Harley, Claude AI
// Version: 1.8
// Purpose: Parse ADExplorer snapshot files including attributes
// Category: Database
// File Mask: *.snapshotdb
// ID Bytes: 41 44 45 58 50 4C 52 44 42 // ADEXPLRDB
@t94j0
t94j0 / is_aws_ip.py
Created June 18, 2024 17:50
import ipaddress
import requests
from argparse import ArgumentParser
def load_iprange() -> list[str]:
data = requests.get('https://ip-ranges.amazonaws.com/ip-ranges.json').json()
return [data['ip_prefix'] for data in data['prefixes']]
def check_ip(ip: str) -> bool:
target = ipaddress.ip_address(ip)
@t94j0
t94j0 / bbot.cypher
Last active August 26, 2024 20:29
Cool BBOT Queries
# Get all domain names, the IP associated, ASN, and open ports
MATCH (dns:DNS_NAME)
OPTIONAL MATCH (dns)-[r2]->(ip:IP_ADDRESS)
OPTIONAL MATCH (ip)-[r3]->(asn:ASN)
OPTIONAL MATCH (dns)-[r4]->(port:OPEN_TCP_PORT)
RETURN
dns.data AS Domain,
ip.data AS IPAddress,
asn.data AS ASN,
collect(DISTINCT TAIL(SPLIT(port.data, ':'))[0]) AS AssociatedPorts
@t94j0
t94j0 / rpc_discovery.ps1
Last active February 25, 2024 20:57
Some discovery scripts
Set-GlobalSymbolResolver -DbgHelpPath 'C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\dbghelp.dll'
function Process-RpcProcedure {
param (
[string]$Path
)
$dllHash = (Get-FileHash -Path $Path).Hash
$rpcs = Get-RpcServer -Path $Path
@t94j0
t94j0 / smb-webclientenum.nse
Created September 28, 2022 19:24
Nmap NSE port of webclientenum
local smb = require "smb"
local stdnse = require "stdnse"
local string = require "string"
description = [[
Port of @zyn3rgy's webclientenum
]]
-- nmap --script=smb-webclientenum.nse --script-args=smbuser=<username>,smbpass=<password>,smbbasic=1,smbsign=force <host>
@t94j0
t94j0 / ss14_macOS_instruments.md
Created November 6, 2021 20:32
Because listening to audio shitposts is fun

Using Instruments in Space Station 14 on macOS

SS14 uses [FluidSynth] as a backend for playing MIDI files. The FluidSynth dylib is not included as a resource in the game, so we must add it ourselves. Luckily, [HomeBrew] has formula for this.

Installation

  1. Install fluid-synth
brew install fluid-synth
@t94j0
t94j0 / .htaccess
Created April 14, 2021 17:55 — forked from curi0usJack/.htaccess
FYI THIS IS NO LONGER AN .HTACCESS FILE. SEE COMMENTS BELOW. DON'T WORRY, IT'S STILL EASY.
#
# TO-DO: set |DESTINATIONURL| below to be whatever you want e.g. www.google.com. Do not include "http(s)://" as a prefix. All matching requests will be sent to that url. Thanks @Meatballs__!
#
# Note this version requires Apache 2.4+
#
# Save this file into something like /etc/apache2/redirect.rules.
# Then in your site's apache conf file (in /etc/apache2/sites-avaiable/), put this statement somewhere near the bottom
#
# Include /etc/apache2/redirect.rules
#