Ben Campbell Meatballs1
Meatballs1
/ gist:dcd0a6017fbf3b4fe56861ac54e7cc1f
Created
August 2, 2017 09:26
Generate a random identifier with Neo4j Apoc
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| RETURN apoc.text.join(apoc.coll.randomItems(split("abcdefghijklmnopqrstuvwxyz0123456789",""), 12, true),"") |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $path = "C:\data\sysvol_results.csv" | |
| $inStream = new-object System.IO.FileStream($path, [System.IO.FileMode]::Open); | |
| $outStream = new-object System.IO.FileStream("$($path).gz", [System.IO.FileMode]::CreateNew); | |
| $compressionStream = new-object System.IO.Compression.GZipStream($outStream, [System.IO.Compression.CompressionMode]::Compress); | |
| $inStream.CopyTo($compressionStream); | |
| $inStream.Close(); | |
| $compressionStream.Close(); | |
| $outStream.Close(); |
Meatballs1
/ PELoader.cs
Last active
October 3, 2022 17:48
Reflective PE Injection Mimikatz - Via InstallUtil.exe
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.Text; | |
| using System.Collections.Generic; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
| /* |
Meatballs1
/ drop_binary.bat
Last active
August 29, 2015 14:26
— forked from mattifestation/drop_binary.bat
Drop binary data from the command line w/o needing PowerShell
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| echo -----BEGIN CERTIFICATE----- > encoded.txt | |
| echo Just Base64 encode your binary data | |
| echo TVoAAA== >> encoded.txt | |
| echo -----END CERTIFICATE----- >> encoded.txt | |
| certutil -decode encoded.txt decoded.bin |
Meatballs1
/ InstallUtil-PowerShell.cs
Last active
October 13, 2023 14:47
InstallUtil.exe PowerShell
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Diagnostics; | |
| using System.Reflection; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
| //Add For PowerShell Invocation | |
| using System.Collections.ObjectModel; | |
| using System.Management.Automation; | |
| using System.Management.Automation.Runspaces; |
Meatballs1
/ pshell.cs
Last active
September 11, 2018 15:00
Invoke Interactive PowerShell and Run Local Scripts Inside InstallUtil
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.Diagnostics; | |
| using System.Reflection; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
| //Add For PowerShell Invocation | |
| using System.Collections.ObjectModel; | |
| using System.Management.Automation; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Diagnostics; | |
| using System.Reflection; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
| /* | |
| Author: Casey Smith, Twitter: @subTee | |
| License: BSD 3-Clause | |
| Step One: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Here are the additional steps I had to put in place on a Kali linux VM | |
| to integrate BeEF and pishing-frenzy using mod_proxy as a reverse | |
| proxy. I'm certain this could be done more elegantly but this worked | |
| for my immediate needs. I'll also mention the evasion techniques | |
| within BeEF work amazing well. | |
| Install mod_proxy | |
| apt-get install -y libapache2-mod-proxy-html libxml2-dev | |
| enable mod_proxy |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Keybase proof | |
| I hereby claim: | |
| * I am meatballs1 on github. | |
| * I am meatballs (https://keybase.io/meatballs) on keybase. | |
| * I have a public key whose fingerprint is 3F50 A6C9 42C9 0046 D070 AC76 5380 EAF0 1F2F 8B38 | |
| To claim this, I am signing this object: |
Meatballs1
/ gist:e1ca08e5e56f6243db0e
Created
August 26, 2014 09:48
— forked from JosephPecoraro/shell-execution.rb
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Ways to execute a shell script in Ruby | |
| # Example Script - Joseph Pecoraro | |
| cmd = "echo 'hi'" # Sample string that can be used | |
| # 1. Kernel#` - commonly called backticks - `cmd` | |
| # This is like many other languages, including bash, PHP, and Perl | |
| # Returns the result of the shell command | |
| # Docs: http://ruby-doc.org/core/classes/Kernel.html#M001111 |