Skip to content

Instantly share code, notes, and snippets.

View 0xSV1's full-sized avatar

SV1 0xSV1

38 followers · 11 following
  • Norway
View GitHub Profile
@0xSV1
0xSV1 / powershell-web-server.ps1
Created October 7, 2020 14:57 — forked from 19WAS85/powershell-web-server.ps1
A simple web server built with powershell.
# This is a super **SIMPLE** example of how to create a very basic powershell webserver
# 2019-05-18 UPDATE — Created by me and and evalued by @jakobii and the comunity.
# Http Server
$http = [System.Net.HttpListener]::new()
# Hostname and port to listen on
$http.Prefixes.Add("http://localhost:8080/")
# Start the Http Server
@0xSV1
0xSV1 / MuteSysmon.cs
Created October 7, 2020 14:57 — forked from Flangvik/MuteSysmon.cs
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.IO;
using System.Linq;
using System.Text;
namespace MuteSysmon
{
class Program
@0xSV1
0xSV1 / README.md
Created September 1, 2020 22:06 — forked from byt3bl33d3r/README.md
Remote AppDomainManager Injection

This is a variation of the technique originally discovered by subtee and described here

TL;DR It essentially allows you to turn any .NET application into a lolbin by providing a configuration file and specifying the <appDomainManagerAssembly> element pointing to a specially crafted .NET assembly which executes when the application is loaded.

This variation allows you to load the AppDomainManager assembly from a UNC path or HTTP(s) server. Also disables ETW thanks to the <etwEnable> element :)

  1. Copy some binary you love to say, C:\Test. Lets use aspnet_compiler.exe as an example
  2. Compile test.cs to test.dll with a signed strong name, this is required to load an assembly outside of a .NET applications base directory.
  3. Host test.dll on a remote SMB or HTTP(S) server
@0xSV1
0xSV1 / go-sharp-loader.go
Created August 19, 2020 22:27 — forked from ropnop/go-sharp-loader.go
Example Go file embedding multiple .NET executables
package main
/*
Example Go program with multiple .NET Binaries embedded
This requires packr (https://github.com/gobuffalo/packr) and the utility. Install with:
$ go get -u github.com/gobuffalo/packr/packr
Place all your EXEs are in a "binaries" folder
@0xSV1
0xSV1 / AzureOAuthTools.ps1
Created June 25, 2020 18:57 — forked from dafthack/AzureOAuthTools.ps1
A few PowerShell tools for working with Azure OAuth2 Authentication Codes and Access Tokens
## A few tools for working with Azure OAuth2 Authentication Codes and access_tokens
## By Beau Bullock @dafthack
Function Get-AzureAccessToken{
Param
(
[Parameter(Position = 0, Mandatory = $false)]
[string]
@0xSV1
0xSV1 / .htaccess
Created February 10, 2020 13:04 — forked from curi0usJack/.htaccess
FYI THIS IS NO LONGER AN .HTACCESS FILE. SEE COMMENTS BELOW. DON'T WORRY, IT'S STILL EASY.
#
# TO-DO: set |DESTINATIONURL| below to be whatever you want e.g. www.google.com. Do not include "http(s)://" as a prefix. All matching requests will be sent to that url. Thanks @Meatballs__!
#
# Note this version requires Apache 2.4+
#
# Save this file into something like /etc/apache2/redirect.rules.
# Then in your site's apache conf file (in /etc/apache2/sites-avaiable/), put this statement somewhere near the bottom
#
# Include /etc/apache2/redirect.rules
#