| Security Issue | Trigger |
|---|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [ $(id -u) -ne 0 ]; then | |
| echo "This script must be run as root" | |
| exit | |
| fi | |
| # Function to prompt for input and ensure it's not blank (except for domain) | |
| prompt_input() { | |
| local var_name="$1" |
devanshbatham
/ GitHub-Actions-Attack-Vectors.md
Last active
March 15, 2025 21:41
GitHub Actions Attack Vectors
x86matthew
/ keylogger.cpp
Created
January 16, 2025 12:03
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <windows.h> | |
| #pragma comment(lib, "winmm.lib") | |
| void Nothing(WORD wKey) | |
| { | |
| } | |
| void PrintKey(WORD wKey) |
olafhartong
/ GetTracelogProviderSecurity.ps1
Created
January 3, 2025 14:08
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### USAGE: | |
| ### | |
| ### GetTracelogProviderSecurity.ps1 (to get all provider info) | |
| ### | |
| ### GetTracelogProviderSecurity.ps1 -ProviderName f2e68291-2367-5d51-3488-46f7a0e3f2cf | |
| ### (to get the info for 1 provider guid) | |
| ## | |
| # | |
| # Provider: f2e68291-2367-5d51-3488-46f7a0e3f2cf | |
| # Control Flags: 45076 |
ThePirateWhoSmellsOfSunflowers
/ atexec_rpc.py
Last active
March 9, 2025 00:30
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # Impacket - Collection of Python classes for working with network protocols. | |
| # | |
| # Copyright Fortra, LLC and its affiliated companies | |
| # | |
| # All rights reserved. | |
| # | |
| # This software is provided under a slightly modified version | |
| # of the Apache Software License. See the accompanying LICENSE file | |
| # for more information. |
ThePirateWhoSmellsOfSunflowers
/ lsarlookupsids3.py
Created
November 22, 2024 13:01
Perform a lsarlookupsids3 with a trust account, it uses netlogon as SSP (see [MS-NRPC] 3.3)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from impacket.dcerpc.v5 import epm, lsad, rpcrt, transport, lsat, ndr, nrpc | |
| from impacket.uuid import bin_to_uuidtup | |
| from binascii import unhexlify | |
| from random import randbytes | |
| import sys | |
| # Perform a lsarlookupsids3 with a trust account, it uses netlogon as SSP (see [MS-NRPC] 3.3) | |
| # Pure TCP RPC is used (ncacn_ip_tcp option) | |
| # RC4 is used here because to use AES, impacket must be patched | |
| # Tested with impacket 0.12.0 on GOAD |
jborean93
/ New-ScheduledTaskSession.ps1
Last active
April 7, 2025 18:56
Creates a PSSession that targets a scheduled task process
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright: (c) 2024, Jordan Borean (@jborean93) <[email protected]> | |
| # MIT License (see LICENSE or https://opensource.org/licenses/MIT) | |
| Function New-ScheduledTaskSession { | |
| <# | |
| .SYNOPSIS | |
| Creates a PSSession for a process running as a scheduled task. | |
| .DESCRIPTION | |
| Creates a PSSession that can be used to run code inside a scheduled task |
Dump-GUY
/ hint_calls.py
Created
March 18, 2024 07:30
Modified version of Willi Ballenthin IDA Plugin hint_calls.py ported to support Python2/3 and IDA>=7.4 (tested IDA 7.7, 8.4)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| IDA plugin to display the calls and strings referenced by a function as hints. | |
| Installation: put this file in your %IDADIR%/plugins/ directory. | |
| Author: Willi Ballenthin <[email protected]> | |
| Licence: Apache 2.0 | |
| ''' | |
| import idc | |
| import idaapi | |
| import idautils |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| chroot /data/local/nhsystem/kalifs no such file or directory | |
| type this in androidsu terminal "ln -s /data/local/nhsystem/kali-arm64 /data/local/nhsystem/kalifs" | |
| Terminal says it doesnt have needed permissions | |
| uninstall it with any root uninstaller and install again |
daniruiz
/ ld_library_path_exploit.sh
Last active
November 3, 2024 15:38
Script that automatically generates malicious library and exploits binary through LD_LIBRARY_PATH Hijacking. The script generates the list of missing symbols, based on the specified library, and creates the version-script map file to avoid error messages when loading the new created malicious library.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # ./ld_path_exploit.sh /usr/lib/libgpg-error.so.0 top | |
| TARGET_LIB=$1 | |
| MISSING_SYMBOLS="$(readelf -s --wide ${TARGET_LIB} \ | |
| | grep 'FUNC\|OBJECT' \ | |
| | grep -v 'UND\|ABS' \ | |
| | awk '{print $8}' \ |
NewerOlder