Skip to content

Instantly share code, notes, and snippets.

View moloch--'s full-sized avatar
🏠
Working from home

Joe moloch--

🏠
Working from home
View GitHub Profile
@moloch--
moloch-- / client-ipv6-generic.c
Created January 24, 2022 01:17 — forked from mhaskar/client-ipv6-generic.c
DNSStager v1.0 beta agent to inject the retrived shellcode in notepad.exe and using Early Bird APC
#include <stdint.h>
#include <inttypes.h>
#include <winsock2.h>
#include <windns.h>
#include <windows.h>
#include <stdio.h>
#include <tlhelp32.h>
@moloch--
moloch-- / mem-loader.asm
Created September 12, 2021 14:32 — forked from zznop/mem-loader.asm
Fun little loader shellcode that executes an ELF in-memory using an anonymous file descriptor (inspired by https://x-c3ll.github.io/posts/fileless-memfd_create/)
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;
;;; Copyright (C), zznop, [email protected]
;;;
;;; This software may be modified and distributed under the terms
;;; of the MIT license. See the LICENSE file for details.
;;;
;;; DESCRIPTION
;;;
;;; This PoC shellcode is meant to be compiled as a blob and prepended to a ELF
@moloch--
moloch-- / vm_detect
Created September 20, 2016 22:22 — forked from malware-kitten/vm_detect
A chunk of code found online that will check for evidence of a virtual machine
#include <string>
#include <tlhelp32.h>
#include <TCHAR.H>
#include <dir.h>
using namespace std;
int detected = 0;
DWORD GetModulePath(HINSTANCE hInst,LPTSTR pszBuffer,DWORD dwSize)
@moloch--
moloch-- / netkatz.cs
Created May 28, 2016 03:21
Downloads and Executes Mimikatz In Memory From GitHub
using System;
using System.IO;
using System.Net;
using System.Text;
using System.IO.Compression;
using System.Collections.Generic;
using System.Configuration.Install;
using System.Runtime.InteropServices;
#include <stdio.h>
#include <stdlib.h>
#include <dirent.h>
#include <sys/types.h>
#include <regex.h>
#include <string.h>
#include <sys/ptrace.h>
#include <time.h>
#include <unistd.h>