ag-michael
/ Browser-Cleanup.ps1
Last active
August 31, 2021 17:27
Browser-Cleanup: Remove push notificaiton exemptions and non-exempt extensions
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .SYNOPSIS | |
| Reset push-notification exceptions and remove non-exempt extensions. | |
| With just the -User, it lists the changes that will be made. | |
| .PARAMETER User | |
| The User profile name name in C:\Users\ | |
| .PARAMETER Clean | |
| Commit changes by removing notification exemptions and extensions directories | |
| .PARAMETER KillBrowsers | |
| Kill running browser processes |
ag-michael
/ gist:bb97d6b4253e016de1c787cd5282c4cc
Created
December 13, 2021 19:20
Log4j exploit regex
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .*jndi:(ldap|ldaps|rmi|dns).*/ | |
| .*j\}.*n\}.*d\}.*i\}.*:\/\/.*/ | |
| .*lower:jndi.*:\/\/.*/ | |
| .*\$\{::.*:\w{3,6}:\/\/.* |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // To compile:x86_64-w64-mingw32-g++ -shared -fno-stack-protector -o bacon.cpl bacon.c | |
| // To run: rundll32.exe shell32.dll,Control_RunDLL beacon.cpl | |
| // To run: control.exe beacon.cpl | |
| #include <windows.h> | |
| #include <tlhelp32.h> | |
| #include <winternl.h> | |
| typedef NTSTATUS (NTAPI * NtCreateThreadEx_t)( | |
| OUT PHANDLE hThread, | |
| IN ACCESS_MASK DesiredAccess, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os,sys | |
| import requests | |
| import hmac | |
| import hashlib | |
| import datetime | |
| import base64,time | |
| import subprocess | |
| BHE_TOKEN_ID = "<replace me>" | |
| BHE_TOKEN_KEY = "<replace me>" |
OlderNewer