| # Set vi key bindings mode | |
| set -g mode-keys vi | |
| set -g status-keys vi | |
| # Set new panes to open in current directory | |
| bind c new-window -c "#{pane_current_path}" | |
| bind '"' split-window -c "#{pane_current_path}" | |
| bind % split-window -h -c "#{pane_current_path}" | |
| # List of plugins |
Tcpdump is a CLI tool to capture raw network packets. This is useful for various forms of network troubleshooting. This cheat sheet covers all the basic and advanced options for tcpdump.
Tcpdump command is a famous network packet analyzing tool that is used to display TCP\IP & other network packets being transmitted over the network attached to the system on which tcpdump has been installed. Tcpdump uses libpcap library to capture the network packets & is available on almost all Linux/Unix flavors.
| # This script will manually rip out all VMware Tools registry entries and files for Windows 2008-2019 | |
| # Tested for 2019, 2016, and probably works on 2012 R2 after the 2016 fixes. | |
| # This function pulls out the common ID used for most of the VMware registry entries along with the ID | |
| # associated with the MSI for VMware Tools. | |
| function Get-VMwareToolsInstallerID { | |
| foreach ($item in $(Get-ChildItem Registry::HKEY_CLASSES_ROOT\Installer\Products)) { | |
| If ($item.GetValue('ProductName') -eq 'VMware Tools') { | |
| return @{ | |
| reg_id = $item.PSChildName; |
| /* | |
| This is a POC for a generic technique I called internally on our red team assessment "Divide and Conquer", which can be used to bypass behavioral based NextGen AV detection. It works by splitting malicious actions and API calls into distinct processes. | |
| */ | |
| #include <stdio.h> | |
| #include <tchar.h> | |
| #include <windows.h> | |
| #include "Commctrl.h" | |
| #include <string> |
| site.com/file.php | |
| response = nothing | |
| http://site.com/file.php~ | |
| response = source | |
| ------------------------------------- | |
| https://github.com/kleiton0x00/CRLF-one-liner | |
| ------------------------------------------ | |
| try to add admin as your user, | |
| change his email to yours, |
| #include <Windows.h> | |
| #include <ImageHlp.h> | |
| #include <strsafe.h> | |
| #include "loaded_psp_drivers.h" | |
| #include <set> | |
| #include <string> | |
| #include <algorithm> | |
| #pragma comment(lib, "crypt32.lib") |
| #include <Windows.h> | |
| #include <iostream> | |
| #include <DbgHelp.h> | |
| #include <processsnapshot.h> | |
| #include <TlHelp32.h> | |
| #include <processthreadsapi.h> | |
| //process reflection stuff copied from: https://github.com/hasherezade/pe-sieve/blob/master/utils/process_reflection.cpp | |
| //minidump/process searching copied from: https://ired.team/offensive-security/credential-access-and-credential-dumping/dumping-lsass-passwords-without-mimikatz-minidumpwritedump-av-signature-bypass | |
| //compile using: cl.exe refl.cpp /DUNICODE |
| # This file contains pin mappings for the Creality Ender 5 Plus. | |
| # Ender 5 Plus stock uses a Creality v2.2 board, similar to CR-20 Pro. | |
| # To use this config, the firmware should be compiled for the AVR atmega2560. | |
| # See the example.cfg file for a description of available parameters. | |
| [stepper_x] | |
| step_pin: PF0 | |
| dir_pin: PF1 | |
| enable_pin: !PD7 |
| // | |
| // Simple Shellcode loader implemented in Golang. | |
| // | |
| // Compilation: | |
| // $ go build -o foo.exe shellcodeLoader.go | |
| // | |
| // Mariusz B. / mgeeky (@mariuszbit), '20 | |
| // <[email protected]> | |
| // |