Skip to content

Instantly share code, notes, and snippets.

View sixdub's full-sized avatar

Justin sixdub

161 followers · 6 following
View GitHub Profile
@sixdub
sixdub / beacon.ksy
Created April 6, 2021 21:17
meta:
id: beaconconfig
title: Cobalt Strike Beacon Config
endian: be
doc: |
Cobalt Strike Beacon is a popular offensive security tool. Beacon itself
is a DLL that gets injected into memory and can be staged from C2 servers.
The Beacon DLL (in unencoded form) contains a configuration section that gets
patched by the C2 server. This section is a fixed predictable structure
@sixdub
sixdub / pester-mock-example
Created May 11, 2016 16:10
Can you Mock an internal locally scoped function in Pester?
######## SCRIPT EXAMPLE ########
function Do-SomethingStupid
{
function local:Get-NumberFive
{
return 5
}
$value = Get-NumberFive
if (value -ne 5)
{
@sixdub
sixdub / keybase.md
Created April 14, 2015 02:00
keybase.md

Keybase proof

I hereby claim:

  • I am sixdub on github.
  • I am sixdub (https://keybase.io/sixdub) on keybase.
  • I have a public key whose fingerprint is E477 7917 9253 D455 9007 8FE0 9F54 9507 2437 E38C

To claim this, I am signing this object:

@sixdub
sixdub / DllByteEncode.ps1
Last active August 29, 2015 14:14
function Invoke-DllByteEncode
{
#Encoder used to take a dll and turn it into a base64 encoded byte array for Powersploit's
#Invoke-ReflectivePEInjection
Param(
[Parameter(Position = 0)]
[String]
$InputPath,
[Parameter(Position = 1)]
[String]