Search the Community

XLM Macro Deobfuscator XLM Macro Deobfuscator can be used to decode obfuscated XLM macros (also known as Excel 4.0 macros). It utilizes an internal XLM emulator to interpret the macros, without fully performing the code. It supports both xls, xlsm, and xlsb formats. It uses xlrd2, pyxlsb2, and its own parser to extract cells and other information from xls, xlsb, and xlsm files, respectively. You can also find XLM grammar in xlm-macro-en.lark Changelog v0.2.6 Fix bug in interpreting a formula if contains a sheet name that is a valid col name like C1 [hide][Hidden Content]]

This python script allows to extract of various information from a Microsoft Remote Desktop Web Access (RDWA) application, such as the FQDN of the remote server, the internal AD domain name (from the FQDN), and the remote Windows Server version. [hide][Hidden Content]]

Learn to get proxies from sites and extract them and filter healthy proxies [Hidden Content]

Hi, can someone give me a phone number extractor? I would like to extract the numbers from sites such as: bakeca.it subito.it Thank you in advance

XLM Macro Deobfuscator XLM Macro Deobfuscator can be used to decode obfuscated XLM macros (also known as Excel 4.0 macros). It utilizes an internal XLM emulator to interpret the macros, without fully performing the code. It supports both xls, xlsm, and xlsb formats. It uses xlrd2, pyxlsb2, and its own parser to extract cells and other information from xls, xlsb, and xlsm files, respectively. You can also find XLM grammar in xlm-macro-en.lark Changelog v0.2.3 Added support for FORMULA.ARRAY and _xlfn.ARABIC Fixed several bugs [hide][Hidden Content]]

XLM Macro Deobfuscator XLM Macro Deobfuscator can be used to decode obfuscated XLM macros (also known as Excel 4.0 macros). It utilizes an internal XLM emulator to interpret the macros, without fully performing the code. It supports both xls, xlsm, and xlsb formats. It uses xlrd2, pyxlsb2, and its own parser to extract cells and other information from xls, xlsb, and xlsm files, respectively. You can also find XLM grammar in xlm-macro-en.lark Changelog v0.2 Considers auto_close defined names as starting points for interpreting macros Loads XLSM files with many empty cells much faster Has new switches –defined-names –sort-formula –extract-formula-format Supports more functions SQRT Has less bugs (Lots of bugs were fixed in this version). [hide][Hidden Content]]

XLMMacroDeobfuscator - Extract And Deobfuscate XLM Macros (A.K.A Excel 4.0 Macros) XLMMacroDeobfuscator can be used to decode obfuscated XLM macros (also known as Excel 4.0 macros). It utilizes an internal XLM emulator to interpret the macros, without fully performing the code. It supports both xls, xlsm, and xlsb formats. It uses xlrd2, pyxlsb2 and its own parser to extract cells and other information from xls, xlsb and xlsm files, respectively. [hide][Hidden Content]]

ADCollector is a lightweight tool that enumerates the Active Directory environment to identify possible attack vectors. It will give you a basic understanding of the configuration/deployment of the environment as a starting point. Notes: ADCollector is not an alternative to the powerful PowerView, it just automates enumeration to quickly identify juicy information without thinking too much at the early Recon stage. Functions implemented in ADCollector are ideal for enumeration in a large Enterprise environment with lots of users/computers, without generating lots of traffic and taking a large amount of time. It only focuses on extracting useful attributes/properties/ACLs from the most valuable targets instead of enumerating all available attributes from all the user/computer objects in the domain. You will definitely need PowerView to do more detailed enumeration later. The aim of developing this tool is to help me learn more about Active Directory security in a different perspective as well as to figure out what’s behind the scenes of those PowerView functions. I just started learning .NET with C#, the code could be really terrible~ It uses S.DS namespace to retrieve domain/forest information from the domain controller(LDAP server). It also utilizes S.DS.P namespace for LDAP searching. Enumeration Current Domain/Forest information Domains in the current forest (with domain SIDs) Domain Controllers in the current domain [GC/RODC] (with ~~IP, OS Site and ~~Roles) Domain/Forest trusts as well as trusted domain objects[SID filtering status] Privileged users (currently in DA and EA group) Unconstrained delegation accounts (Excluding DCs) Constrained Delegation (S4U2Self, S4U2Proxy, Resources-based constrained delegation) MSSQL/Exchange/RDP/PS Remoting SPN accounts User accounts with SPN set & password does not expire account Confidential attributes () ASREQROAST (DontRequirePreAuth accounts) AdminSDHolder protected accounts Domain attributes (MAQ, minPwdLength, maxPwdAge lockoutThreshold, gpLink[group policies that linked to the current domain object]) LDAP basic info(supportedLDAPVersion, supportedSASLMechanisms, domain/forest/DC Functionality) Kerberos Policy Interesting ACLs on the domain object, resolving GUIDs (User-defined object in the future) Unusual DCSync Accounts Interesting ACLs on GPOs Interesting descriptions on user objects Sensitive & Not delegate account Group Policy Preference cpassword in SYSVOL/Cache Effective GPOs on the current user/computer Restricted groups Nested Group Membership Changelog v2.0 1. Complete Rewrite (more extensible) 2. Add Interactive Menu with command line choice 3. Use direct API call to enumerate Trust relationship 4. Update Applied GPO Enumeration with Security Filtering and WMI Filtering (WMIFilter needs to be checked manually) 5. Add LDAP DNS Record Enumeration 6. RunAs: Run ADCollector under another user context 7. Flexible SPN Scan, DNS Records, Nested Group Membership, ACL Enumeration 8. Add NetSessionEnum, NetLocalGroupGetMembers and NetWkstaUserEnum [hide][Hidden Content]]

This script extracts all the labels found in the LST file that is given as the script's single argument. An x64dbg database is created in the current directory based on the extracted labels. The LST file can be generated in IDA from the File menu: Produce file -> Create LST file... [HIDE][Hidden Content]]

Seth is a tool written in Python and Bash to MitM RDP connections by attempting to downgrade the connection in order to extract clear text credentials. It was developed to raise awareness and educate about the importance of properly configured RDP connections in the context of pentests, workshops or talks. The author is Adrian Vollmer (SySS GmbH). Disclaimer Use at your own risk. Do not use without full consent of everyone involved. For educational purposes only. [HIDE][Hidden Content]]