Skip to content

Instantly share code, notes, and snippets.

View Taius's full-sized avatar

Matthew Linney Taius

47 followers · 70 following
  • United Kingdom
View GitHub Profile
@ngregoire
ngregoire / burl
Created December 31, 2024 15:18
A simple wrapper that routes curl traffic through Burp Suite
#/usr/bin/env sh
curl --proxy http://127.0.0.1:8080/ --user-agent burl --insecure "$@"
@jborean93
jborean93 / New-ScheduledTaskSession.ps1
Last active January 11, 2025 21:05
Creates a PSSession that targets a scheduled task process
# Copyright: (c) 2024, Jordan Borean (@jborean93) <[email protected]>
# MIT License (see LICENSE or https://opensource.org/licenses/MIT)
Function New-ScheduledTaskSession {
<#
.SYNOPSIS
Creates a PSSession for a process running as a scheduled task.
.DESCRIPTION
Creates a PSSession that can be used to run code inside a scheduled task
@tin-z
tin-z / VR_roadmap.md
Last active March 9, 2025 19:08
Becoming a Vulnerability Researcher roadmap: my personal experience
@Homer28
Homer28 / test_dll.c
Last active December 13, 2024 20:24
DLL code for testing CVE-2024-21378 in MS Outlook
/**
* This DLL is designed for use in conjunction with the Ruler tool for
* security testing related to the CVE-2024-21378 vulnerability,
* specifically targeting MS Outlook.
*
* It can be used with the following command line syntax:
* ruler [auth-params] form add-com [attack-params] --dll ./test.dll
* Ruler repository: https://github.com/NetSPI/ruler/tree/com-forms (com-forms branch).
*
* After being loaded into MS Outlook, it sends the PC's hostname and
@mistymntncop
mistymntncop / demo.c
Last active April 17, 2024 16:09
NtWaitForDebugEvent + WaitForMultipleObjects
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdbool.h>
#include <windows.h>
#include "nt_crap.h"
#define ArrayCount(arr) (sizeof(arr)/sizeof(arr[0]))
#define assert(expr) if(!(expr)) { *(char*)0 = 0; }
@odzhan
odzhan / ntdelegate.cpp
Created February 13, 2024 21:47
Delegate NT DLL Table
//
// How to locate the NT Delegate Callback Table in x86 builds of ntdll.dll
//
// @modexpblog
//
#define PHNT_VERSION PHNT_THRESHOLD
#include <phnt_windows.h>
#include <phnt.h>
@montasaurus
montasaurus / llmc.sh
Last active February 18, 2025 21:43
AI Shell Command Generator
llmc() {
local system_prompt='Output a command that I can run in a ZSH terminal on macOS to accomplish the following task. Try to make the command self-documenting, using the long version of flags where possible. Output the command first enclosed in a "```zsh" codeblock followed by a concise explanation of how it accomplishes it.'
local temp_file=$(mktemp)
local capturing=true
local command_buffer=""
local first_line=true
local cleaned_up=false # Flag to indicate whether cleanup has been run
cleanup() {
# Only run cleanup if it hasn't been done yet
@WKL-Sec
WKL-Sec / ParentProcessValidator.cpp
Created February 9, 2024 13:47
This C++ code snippet demonstrates how to verify if an executable is launched by explorer.exe to enhance security during red team operations.
# White Knight Labs - Offensive Development
# Guardrails - Parent Process Check
#include <windows.h>
#include <tlhelp32.h>
#include <psapi.h>
#include <tchar.h>
#include <iostream>
// Function to get the ID of the parent process
@avlidienbrunn
avlidienbrunn / writeup.md
Created September 18, 2023 16:18
challenge writeup content-type shenanigans

Description

This was a challenge to demonstrate how the content-type header can be used to fool the browser into treating the HTTP response body in unexpected ways.

Source

As the harder solution works for both, heres source:

php
@0xdevalias
0xdevalias / _deobfuscating-unminifying-obfuscated-web-app-code.md
Last active March 8, 2025 07:43
Some notes and tools for reverse engineering / deobfuscating / unminifying obfuscated web app code