SkyN9ne SkyN9ne
💚
teal33t
/ human_like_mouse_move.py
Created
February 29, 2020 22:06
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Using B-spline for simulate humane like mouse movments | |
| def human_like_mouse_move(self, action, start_element): | |
| points = [[6, 2], [3, 2],[0, 0], [0, 2]]; | |
| points = np.array(points) | |
| x = points[:,0] | |
| y = points[:,1] | |
| t = range(len(points)) |
FadeMind
/ Win10HometoPro.cmd
Created
June 18, 2020 10:33
— forked from CHEF-KOCH/Win10HometoPro.cmd
Convert Windows 10 Home to Pro
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cscript.exe %windir%\system32\slmgr.vbs /rilc | |
| cscript.exe %windir%\system32\slmgr.vbs /upk | |
| cscript.exe %windir%\system32\slmgr.vbs /ckms | |
| cscript.exe %windir%\system32\slmgr.vbs /cpky | |
| cscript.exe %windir%\system32\slmgr.vbs /ipk VK7JG-NPHTM-C97JM-9MPGT-3V66T | |
| sc config LicenseManager start= auto & net start LicenseManager | |
| sc config wuauserv start= auto & net start wuauserv | |
| clipup -v -o -altto c:\ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys, os, mmap, subprocess | |
| from struct import pack, unpack | |
| from ctypes import * | |
| IA32_SYSENTER_ESP = 0x175 | |
| IA32_SYSENTER_EIP = 0x176 | |
| class PyObj(Structure): | |
| _fields_ = [( 'ob_refcnt', c_size_t ), |
FatRodzianko
/ my-am-bypass.ps1
Last active
February 7, 2025 22:31
small modification to Rastemouse's AmsiScanBuffer bypass to use bytes. Uses different opcode bytes
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $Win32 = @" | |
| using System; | |
| using System.Runtime.InteropServices; | |
| public class Win32 { | |
| [DllImport("kernel32")] | |
| public static extern IntPtr GetProcAddress(IntPtr hModule, string procName); | |
| [DllImport("kernel32")] |
Cr4sh
/ kforge.cpp
Created
May 15, 2021 03:22
Performing arbitrary kernel function calls on HVCI enabled systems with thread context hijacking
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include "stdafx.h" | |
| // vulnerable driver device name | |
| #define EXPL_DEVICE_PATH "\\\\.\\Global\\RTCore64" | |
| // vulnerable driver service and file name | |
| #define EXPL_DRIVER_NAME "RTCore64.sys" | |
| #define EXPL_SERVICE_NAME "RTCore64" | |
| // vulnerable driver IOCTL codes |
SkyN9ne
/ huluChecker.py
Last active
May 21, 2021 01:04
— forked from EmperorRXF/huluChecker.py
HuluChecker
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/local/bin/python | |
| import os, sys, math, hmac, operator, time, random, urllib2, md5 | |
| class AES(object): | |
| # Rijndael S-box | |
| sbox = [0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, | |
| 0x2b, 0xfe, 0xd7, 0xab, 0x76, 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, | |
| 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0, 0xb7, | |
| 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, |
SkyN9ne
/ GoogleDorksList.txt
Last active
June 3, 2024 06:25
— forked from cmbaughman/GoogleHackMasterList.txt
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| admin account info" filetype:log | |
| !Host=*.* intext:enc_UserPassword=* ext:pcf | |
| "# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-" inurl:service.pwd | |
| "AutoCreate=TRUE password=*" | |
| "http://*:*@www” domainname | |
| "index of/" "ws_ftp.ini" "parent directory" | |
| "liveice configuration file" ext:cfg -site:sourceforge.net | |
| "parent directory" +proftpdpasswd | |
| Duclassified" -site:duware.com "DUware All Rights reserved" | |
| duclassmate" -site:duware.com |
Cr4sh
/ smm_backdoor_privesc_linux.py
Last active
May 22, 2024 02:17
Example program that uses SMM backdoor for local privileges escalation under the Linux
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import sys, os, platform, ctypes | |
| from struct import pack, unpack | |
| import smm_backdoor as bd | |
| try: | |
| import capstone |
Cr4sh
/ smm_backdoor_privesc_win.py
Created
June 16, 2021 19:34
Example program that uses SMM backdoor for local privileges escalation under the Windows
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import sys, os, platform, ctypes, ctypes.wintypes | |
| from struct import pack, unpack | |
| import smm_backdoor as bd | |
| # MSR register used by swapgs | |
| IA32_KERNEL_GS_BASE = 0xc0000102 |
Cr4sh
/ smm_backdoor_hyper_v.py
Created
June 16, 2021 19:37
Example program that uses SMM backdoor to deploy Hyper-V backdoor (see https://github.com/Cr4sh/s6_pcie_microblaze/tree/master/python/payloads/DmaBackdoorHv)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import sys, os, time, platform, ctypes | |
| from struct import pack, unpack | |
| from optparse import OptionParser, make_option | |
| import smm_backdoor as bd | |
| # how many seconds to wait for VM exit occur | |
| VM_EXIT_WAIT = 3 |