akpotter akpotter
akpotter
/ divide_and_conquer.c
Created
January 19, 2021 04:08
— forked from theevilbit/divide_and_conquer.c
Divide and Conquer NextGen AV bypass
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| This is a POC for a generic technique I called internally on our red team assessment "Divide and Conquer", which can be used to bypass behavioral based NextGen AV detection. It works by splitting malicious actions and API calls into distinct processes. | |
| */ | |
| #include <stdio.h> | |
| #include <tchar.h> | |
| #include <windows.h> | |
| #include "Commctrl.h" | |
| #include <string> |
akpotter
/ grabfriend.php
Created
August 24, 2020 04:12
— forked from kittinan/grabfriend.php
Find some friend on Facebook hidden friendlist user
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /* | |
| * | |
| * Find some friend on Facebook hidden friendlist user | |
| * | |
| * more information : http://goo.gl/av95pC | |
| * | |
| * Instruction | |
| * | |
| * 1. Register New Facebook User |
akpotter
/ ShellcodeRDI.go
Created
July 16, 2020 06:10
— forked from leoloobeek/ShellcodeRDI.go
Go implementation of https://github.com/monoxgas/sRDI/
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| /* | |
| * | |
| * This is just a Go implementation of https://github.com/monoxgas/sRDI/ | |
| * Useful if you're trying to generate shellcode for reflective DLL | |
| * injection in Go, otherwise probably not much use :) | |
| * | |
| * The project, shellcode, most comments within this project | |
| * are all from the original project by @SilentBreakSec's Nick Landers (@monoxgas) |
akpotter
/ cve-2020-5902-check.sh
Created
July 6, 2020 02:43
— forked from ykoster/cve-2020-5902-check.sh
Bash one-liner to check if a device is vulnerable for CVE-2020-5902
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl --silent --insecure 'https://[ip]/tmui/login.jsp/..;/tmui/util/getTabSet.jsp?tabId=Vulnerable' | \ | |
| grep -q Vulnerable && \ | |
| printf '\033[0;31mVulnerable\n' || \ | |
| printf '\033[0;32mNot Vulnerable\n' |
akpotter
/ download-all-repos.sh
Created
May 27, 2020 09:27
— forked from vke-code/download-all-repos.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Clone all github.com repositories for a specified user. | |
| if [ $# -eq 0 ] | |
| then | |
| echo "Usage: $0 <user_name> " | |
| exit; | |
| fi |
akpotter
/ touch.js
Created
January 7, 2020 10:29
— forked from hanji/touch.js
(WSH) file timestamp manipulation utility
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // touch.js --- file timestamp manipulation utility (like *nix touch) | |
| // (c) Copyright 2012, Ji Han (hanji <at> outlook <dot> com) | |
| // you are free to distribute it under the BSD license. | |
| (function(){ | |
| if (WScript.Arguments.Length == 0){ | |
| // this script works for files, but not folders. (you need win32api to do that.) | |
| // plus, there's no '-a' or '-m' options; it only touches the mtime. | |
| WScript.Echo('touch [-c] [-r <reference_file> | -t <timestamp>] <files>'); |
akpotter
/ touch.js
Created
January 7, 2020 10:29
— forked from hanji/touch.js
(WSH) file timestamp manipulation utility
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // touch.js --- file timestamp manipulation utility (like *nix touch) | |
| // (c) Copyright 2012, Ji Han (hanji <at> outlook <dot> com) | |
| // you are free to distribute it under the BSD license. | |
| (function(){ | |
| if (WScript.Arguments.Length == 0){ | |
| // this script works for files, but not folders. (you need win32api to do that.) | |
| // plus, there's no '-a' or '-m' options; it only touches the mtime. | |
| WScript.Echo('touch [-c] [-r <reference_file> | -t <timestamp>] <files>'); |
akpotter
/ add.modify.date.vbs
Created
January 7, 2020 10:24
— forked from blaues0cke/add.modify.date.vbs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Set fileSystemObject = CreateObject("Scripting.FileSystemObject") | |
| inputFilePathFull = WScript.Arguments(0) | |
| Set fileObject = fileSystemObject.GetFile(inputFilePathFull) | |
| inputFileName = fileSystemObject.GetFileName(fileObject) | |
| inputFilePath = fileSystemObject.GetParentFolderName(fileObject) |
akpotter
/ pulseversion.py
Created
September 2, 2019 05:42
— forked from rxwx/pulseversion.py
Pulse Secure Version Scanner
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import sys | |
| import re | |
| HEADERS = {"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:67.0) Gecko/20100101 Firefox/67.0"} | |
| if len(sys.argv) != 2: | |
| print " Usage: python pulseversion.py <target ip/domain>" | |
| sys.exit(1) |
akpotter
/ installUtil.cs
Created
August 14, 2019 09:17
— forked from Arno0x/installUtil.cs
Example of a C# DLL to be used with the InstallUtil utility to make it execute some arbitrary code
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Author: Arno0x0x, Twitter: @Arno0x0x | |
| ===================================== COMPILING ===================================== | |
| C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe /target:library /unsafe /out:installUtil.dll installUtil.cs | |
| ===================================== USAGE ===================================== | |
| C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe /logtoconsole=false /logfile= /u installUtil.dll | |
| */ |
NewerOlder