BeanBagKing

#!/usr/bin/python3

# Article reference: https://nullsec.us/finding-unusual-powershell-with-frequency-analysis/

import urllib
import httplib2
from xml.dom import minidom
import math

baseurl = 'https://<domain>.splunkcloud.com:8089' 

BeanBagKing

# 1105 MEDIA INC. Blacklist

0.0.0.0	05agency.com
0.0.0.0	05group.com
0.0.0.0	101com.com
0.0.0.0	101com.xyz
0.0.0.0	101communications.com
0.0.0.0	101communications.online
0.0.0.0	101direct.com
0.0.0.0	101m3.com

BeanBagKing

apt install cowsay fortune lolcat

while true; do fortune | cowsay -f `find /usr/share/cowsay/cows/ -type f | sort -R | head -n1` | lolcat -a -s 75; sleep 2; done

Kali version:
clear; while true; do /usr/games/fortune | /usr/games/cowsay -f `find /usr/share/cowsay/cows/ -type f | sort -R | head -n1` | /usr/games/lolcat -a -s 75; sleep 2; clear; done

Credit @jeffmcjunkin

BeanBagKing

# ~/.bashrc: executed by bash(1) for non-login shells.
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
# for examples

# If not running interactively, don't do anything
[ -z "$PS1" ] && return

# don't put duplicate lines in the history. See bash(1) for more options
# ... or force ignoredups and ignorespace
HISTCONTROL=ignoredups:ignorespace

BeanBagKing

#!/bin/bash

# diffi - Better diff output script
# BeanBagKing - https://gist.github.com/BeanBagKing

# If both arguments aren't given, print help text
if [ -z $1 ] || [ -z $2 ]; then
    echo "Usage: `basename $0` [OLD] [NEW]"
    exit 1
fi

BeanBagKing

root@kali:~# john -h
John the Ripper password cracker, version 1.8.0.6-jumbo-1-bleeding [linux-x86-64-avx]
Copyright (c) 1996-2015 by Solar Designer and others
Homepage: http://www.openwall.com/john/

Usage: john [OPTIONS] [PASSWORD-FILES]
--single[=SECTION]        "single crack" mode
--wordlist[=FILE] --stdin wordlist mode, read words from FILE or stdin
                  --pipe  like --stdin, but bulk reads, and allows rules
--loopback[=FILE]         like --wordlist, but fetch words from a .pot file

BeanBagKing

hashcat64.exe -a 0 -w 0 -m 1000 -r rules/lmNTLM.rule hashes/ntlm.txt lists/lab.txt
hashcat64.exe -a 0 -w 1 -m 1800 hashes/unixmd5.txt lists/rockyou.txt
hashcat64.exe -a 3 -w 1 -m 1800 --increment ?a?a?a?a?a hashes/unixmd5.txt


C:\hashcat-3.10>hashcat64.exe -h
hashcat, advanced password recovery

Usage: hashcat [options]... hash|hashfile|hccapfile [dictionary|mask|directory]...

BeanBagKing

#!/usr/bin/python

# Takes multiple pcap files (packet*.pcap) and...
### Combines them into one pcap (combined.pcap)
### Detects the number of TCP streams
### For each stream, converts it to ascii and stores them in order in a file (encoded_streams.txt)
### Converts URL (percent encoded) values to plaintext equivalent (decoded_streams.txt)

# Run this in the same directory as your packet*.pcap files

BeanBagKing

#!/usr/bin/python

import urllib

fin = open("urlencoded.txt")
fout = open("urldecoded.txt", "wt")
for line in fin:
    fout.write(urllib.unquote(line))
fin.close()
fout.close()

BeanBagKing

# Linux - Look for attempts to hide files (note the spaces)
find / \( -name '. ' -o -name '.. ' -o -name '...' -o -name ' ' \)

# Linux - Find last 20 modified files
### Excluded directoreis for /proc, /sys
### Excludes /tmp/sort* as these are used by this process
##### Exclude directory - find . -type d \( -path dir1 -o -path dir2 -o -path dir3 \) -prune -o -print
find / -type d \( -path /proc -o -path /sys \) -prune -o -print -type f ! -wholename "/tmp/sort*" -exec stat --format '%Y :%y %n' "{}" \; | sort -nr | cut -d: -f2- | head

# Find 20 largest files