cmd@fb:/tmp|❯ wc -l 33m-subdomain-wordlist.txt
33927885 33m-subdomain-wordlist.txt
Vay3t vay3t
🏴☠️
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Mozilla User Preferences | |
| // To change a preference value, you can either: | |
| // - modify it via the UI (e.g. via about:config in the browser); or | |
| // - set it within a user.js file in your profile (create it if it doesn't exist). | |
| // | |
| // Profile folder location on different systems: | |
| // Windows: C:\Users\<username>\AppData\Roaming\Mozilla\Firefox\Profiles\xxxxxxxx.default | |
| // Mac OS X: Users/<username>/Library/Application Support/Firefox/Profiles/xxxxxxxx.default | |
| // Linux: /home/<username>/.mozilla/firefox/xxxxxxxx.default |
mvelazc0
/ GetSystem.cs
Last active
February 17, 2025 17:39
Escalates to SYSTEM leveraging OpenProcess, OpenProcessToken and ImpersonateLoggedOnUser. https://attack.mitre.org/beta/techniques/T1134/. Needs to run as a High Integrity proc. Needs SeDebugPrivilege
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Diagnostics; | |
| using System.Runtime.InteropServices; | |
| using System.Security.Principal; | |
| //Based on https://0x00-0x00.github.io/research/2018/10/17/Windows-API-and-Impersonation-Part1.html | |
| namespace GetSystem | |
| { | |
| class Program | |
| { |
Most new PCs don't come with DVD drives anymore. So it can be a pain to install Windows on a new computer.
Luckily, Microsoft makes a tool that you can use to install Windows from a USB storage drive (or "thumbdrive" as they are often called).
But what if you don't have a second PC for setting up that USB storage drive in the first place?
In this tutorial we'll show you how you can set this up from a Mac.
You can download the ISO file straight from Windows. That's right - everything we're going to do here is 100% legal and sanctioned by Microsoft.
rasta-mouse
/ PPID Spoof & BlockDLLs
Last active
April 1, 2025 22:39
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Diagnostics; | |
| using System.Runtime.InteropServices; | |
| namespace BlockDllTest | |
| { | |
| class Program | |
| { | |
| static void Main(string[] args) | |
| { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| from scapy.all import * | |
| from py2neo import Graph, Node, Relationship | |
| packets = rdpcap("<your_pcap_file>") | |
| g = Graph(password="<your_neo4j_password>") | |
| for packet in packets.sessions(): | |
| pkt = packet.split() |
jerblack
/ Elevate when needed in Go.md
Last active
January 20, 2026 13:14
Relaunch Windows Golang program with UAC elevation when admin rights needed.
I'm buiding a command line tool in Go that has an option to install itself as a service on Windows, which it needs admin rights for. I wanted to be able to have it reliably detect if it was running as admin already and if not, relaunch itself as admin. When the user runs the tool with the specific switch to trigger this functionality (-install or -uninstall in my case) they are prompted by UAC (User Account Control) to run the program as admin, which allows the tool to relaunch itself with the necessary rights.
To detect if I was admin, I tried the method described here first:
https://coolaj86.com/articles/golang-and-windows-and-admins-oh-my/
This wasn't accurately detecting that I was elevated, and was reporting that I was not elevated even when running the tool in CMD prompt started with "Run as Administrator" so I needed a more reliable method.
I didn't want to try writing to an Admin protected area of the filesystem or registry because Windows has the ability to transparently virtualize those writes
afdalwahyu
/ main.go
Last active
October 16, 2024 12:31
golang dynamic port forward ssh socks5 tunnel
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "context" | |
| "fmt" | |
| "net" | |
| "os" | |
| "os/signal" | |
| "syscall" |
liamosaur
/ foxyproxy.json
Created
June 3, 2019 05:16
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "mode": "patterns", | |
| "proxySettings": [ | |
| { | |
| "address": "127.0.0.1", | |
| "port": 8080, | |
| "username": "", | |
| "password": "", | |
| "type": 1, | |
| "title": "127.0.0.1:8080", |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "bytes" | |
| "crypto/aes" | |
| "crypto/cipher" | |
| "crypto/md5" | |
| crand "crypto/rand" | |
| "encoding/base64" | |
| "encoding/hex" |