Adam M Toscher W00t3k
W00t3k
/ New-RegSvr32BatchFile.ps1
Created
January 20, 2018 13:00
— forked from xorrior/New-RegSvr32BatchFile.ps1
Generate a batch file to execute a dll with regsvr32
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function New-RegSvr32BatchFile | |
| { | |
| <# | |
| .SYNOPSIS | |
| Generates a batch file which will contain a certutil encoded, cab compressed payload. | |
| .DESCRIPTION | |
| The batch file will decode and decompress the cab file, then execute the dll within with regsvr32. You may modify the bat file to execute whatever you want. | |
| Create payload: |
W00t3k
/ reclaimWindows10.ps1
Created
January 20, 2018 13:01
— forked from alirobe/reclaimWindows10.ps1
This Windows 10 Setup Script turns off a bunch of unnecessary Windows 10 telemetery, bloatware, & privacy things. Not guaranteed to catch everything. Review and tweak before running. Reboot after running. Scripts for reversing are included and commented. Fork of https://github.com/Disassembler0/Win10-Initial-Setup-Script (different defaults)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ########## | |
| # Tweaked Win10 Initial Setup Script | |
| # Primary Author: Disassembler <disassembler@dasm.cz> | |
| # Modified by: alirobe <alirobe@alirobe.com> based on my personal preferences. | |
| # Version: 2.10.1, 2017-11-25 | |
| # Primary Author Source: https://github.com/Disassembler0/Win10-Initial-Setup-Script | |
| # Tweaked Source: https://gist.github.com/alirobe/7f3b34ad89a159e6daa1/ | |
| # Tweak difference: | |
| # | |
| # @alirobe's version is a subset focused on safely disabling telemetry, 'smart' features, and 3rd party bloat ... |
W00t3k
/ brute-force-chances.js
Created
January 25, 2018 01:22
— forked from relaxnow/brute-force-chances.js
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * Bit of code you can run in your developer toolbar or on https://jsfiddle.net . | |
| * | |
| * Fill in the characteristics of your own 'public file' solution and acceptance criteria. | |
| */ | |
| (function(){ | |
| 'use strict'; | |
| // dec=10,hex=16,[A-Z0-9]=36, etc. | |
| var CHARACTER_COMBINATIONS = 16, |
W00t3k
/ brute-force-chances.js
Created
January 25, 2018 01:22
— forked from relaxnow/brute-force-chances.js
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * Bit of code you can run in your developer toolbar or on https://jsfiddle.net . | |
| * | |
| * Fill in the characteristics of your own 'public file' solution and acceptance criteria. | |
| */ | |
| (function(){ | |
| 'use strict'; | |
| // dec=10,hex=16,[A-Z0-9]=36, etc. | |
| var CHARACTER_COMBINATIONS = 16, |
W00t3k
/ cmstp.inf
Created
February 1, 2018 13:28
— forked from NickTyrer/cmstp.inf
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ;cmstp.exe /s cmstp.inf | |
| [version] | |
| Signature=$chicago$ | |
| AdvancedINF=2.5 | |
| [DefaultInstall_SingleUser] | |
| UnRegisterOCXs=UnRegisterOCXSection | |
| [UnRegisterOCXSection] |
W00t3k
/ fsharp.fsscript
Created
February 1, 2018 13:31
— forked from NickTyrer/fsharp.fsscript
fsi.exe inline execution
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #r @"C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll" | |
| open System.Management.Automation | |
| open System.Management.Automation.Runspaces | |
| open System | |
| let runSpace = RunspaceFactory.CreateRunspace() | |
| runSpace.Open() | |
| let pipeline = runSpace.CreatePipeline() |
W00t3k
/ InterceptorThing.ps1
Created
February 5, 2018 19:47
Interceptor - Normal User No Admin Required.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .SYNOPSIS | |
| This script demonstrates the ability to capture and tamper with Web sessions. | |
| For secure sessions, this is done by dynamically writing certificates to match the requested domain. | |
| This is only proof-of-concept, and should be used cautiously, to demonstrate the effects of such an attack. | |
| Function: Interceptor | |
| Author: Casey Smith, Twitter: @subTee | |
| License: BSD 3-Clause |
W00t3k
/ arc4.nim
Created
February 8, 2018 15:22
— forked from blark/arc4.nim
An implementation of ARC4 for Nim
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Nim implementation of ARC4 | |
| ## https://en.wikipedia.org/wiki/RC4 | |
| import future, strutils | |
| type ARC4* = object | |
| key*: string | |
| S: seq[int] | |
| proc KSA(key: string): seq[int] = |
W00t3k
/ triangle.nim
Created
February 10, 2018 13:59
— forked from dgellow/triangle.nim
A colorful triangle in nim OpenGL.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| import opengl | |
| import glfw/wrapper as glfw | |
| var | |
| win: GLFWwindow | |
| vaoID: GLuint | |
| vboID: GLuint | |
| cboID: GLuint | |
| vertexShaderID: GLuint |
W00t3k
/ winlogon.reg
Created
February 13, 2018 13:16
— forked from anonymous/winlogon.reg
WinLogon Windows 7 x64 COM Hijack
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Windows Registry Editor Version 5.00 | |
| [HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam.1.00] | |
| @="AtomicRedTeam" | |
| [HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam.1.00\CLSID] | |
| @="{00000001-0000-0000-0000-0000FEEDACDC}" | |
| [HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam] | |
| @="AtomicRedTeam" | |
| [HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam\CLSID] | |
| @="{00000001-0000-0000-0000-0000FEEDACDC}" | |
| [HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{00000001-0000-0000-0000-0000FEEDACDC}] |