killvxk
/ gist:385cc93cf6cf336eb7285a1ebf1e8711
Created
April 14, 2017 08:34
— forked from dafthack/gist:8aa4ff60cd9352448a372ce1a7b2e27e
Easy Metasploit Install on Windows Subsystem for Linux
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Steps to install Metasploit on Windows 10 using the Windows Subsystem for Linux | |
| 1.) Enable Developer Mode | |
| C:\> reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /t REG_DWORD /f /v "AllowDevelopmentWithoutDevLicense" /d "1" | |
| 2.) Enable Windows Subsystem for Linux | |
| C:\> DISM /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux | |
| 3.) Reboot |
killvxk
/ smbloris.c
Created
August 30, 2017 17:04
— forked from marcan/smbloris.c
SMBLoris attack proof of concept
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* SMBLoris attack proof-of-concept | |
| * | |
| * Copyright 2017 Hector Martin "marcan" <[email protected]> | |
| * | |
| * Licensed under the terms of the 2-clause BSD license. | |
| * | |
| * This is a proof of concept of a publicly disclosed vulnerability. | |
| * Please do not go around randomly DoSing people with it. | |
| * | |
| * Tips: do not use your local IP as source, or if you do, use iptables to block |
killvxk
/ hyperdetect.c
Created
October 26, 2018 07:42
— forked from drew-gpf/hyperdetect.c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //this requires being able to run at kernel mode and assumes you're using MSVC | |
| //this also uses an unnamed structure for cr0_t, which is a nonstandard extension of the C language | |
| //data structure for cr0 | |
| typedef union _cr0_t | |
| { | |
| struct | |
| { | |
| uint64_t protection_enable : 1; |
killvxk
/ abandonedInprocServer32.cs
Created
October 31, 2018 06:03
— forked from matterpreter/abandonedInprocServer32.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Collections.Generic; | |
| using System.IO; | |
| using System.Linq; | |
| using System.Management; | |
| namespace ComAbandonment | |
| { | |
| public class ComAbandonment | |
| { |
killvxk
/ checksvc.py
Created
December 1, 2018 11:15
— forked from wdormann/checksvc.py
Check for insecure services on Windows
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| import subprocess | |
| import ctypes | |
| # See: https://blogs.msmvps.com/erikr/2007/09/26/set-permissions-on-a-specific-service-windows/ | |
| svcinfo = {} | |
| nonadmin = ['AU', 'AN', 'BG', 'BU', 'DG', 'WD', 'IU', 'LG'] | |
| FNULL = open(os.devnull, 'w') |
killvxk
/ checkaslr.py
Created
December 1, 2018 11:16
— forked from wdormann/checkaslrfiles.py
Python script to check for PE files linked with /DYNAMICBASE, but are not actually ASLR compatible due to missing relocation table
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| '''checkaslr.py: Check for files that opt into ASLR with /DYNAMICBASE, | |
| but do not have a relocation table to allow ASLR to function. | |
| usage: checkaslr.py <dir> | |
| ex: checkaslr.py "C:\Program Files\" | |
| requires: pefile <https://github.com/erocarrera/pefile>, which should be | |
| installable via: pip install pefile | |
| ''' |
killvxk
/ SystemCMD.cpp
Created
January 24, 2019 01:48
— forked from masthoon/SystemCMD.cpp
Launch SYSTEM CMD in user current session (from a service)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include "stdafx.h" | |
| #include <windows.h> | |
| #include <Winbase.h> | |
| #include <Wtsapi32.h> | |
| #include <Userenv.h> | |
| #include <malloc.h> | |
| #pragma comment(lib, "Wtsapi32.lib") | |
| #pragma comment(lib, "Userenv.lib") |
killvxk
/ launch_wsl.py
Created
January 24, 2019 01:48
— forked from masthoon/launch_wsl.py
Launch a WSL process from Python (Windows)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import windows | |
| import windows.winproxy | |
| import windows.generated_def as gdef | |
| # List distro: wslconfig /l | |
| class WSLAPIProxy(windows.winproxy.ApiProxy): | |
| APIDLL = "wslapi" | |
| default_error_check = staticmethod(windows.winproxy.no_error_check) |
killvxk
/ clr_via_native.c
Created
March 13, 2019 02:30
— forked from xpn/clr_via_native.c
A quick example showing loading CLR via native code
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include "stdafx.h" | |
| int main() | |
| { | |
| ICLRMetaHost *metaHost = NULL; | |
| IEnumUnknown *runtime = NULL; | |
| ICLRRuntimeInfo *runtimeInfo = NULL; | |
| ICLRRuntimeHost *runtimeHost = NULL; | |
| IUnknown *enumRuntime = NULL; | |
| LPWSTR frameworkName = NULL; |
killvxk
/ PSProcmon.psm1
Created
May 5, 2019 05:42
— forked from mattifestation/PSProcmon.psm1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # These keyword values can be obtained with: logman query providers Microsoft-Windows-Kernel-Registry | |
| [Flags()] | |
| enum RegistryOptions { | |
| CloseKey = 0x00000001 | |
| QuerySecurityKey = 0x00000002 | |
| SetSecurityKey = 0x00000004 | |
| EnumerateValueKey = 0x00000010 | |
| QueryMultipleValueKey = 0x00000020 | |
| SetInformationKey = 0x00000040 | |
| FlushKey = 0x00000080 |
OlderNewer