I hereby claim:
- I am 0xsv1 on github.
- I am eisveen (https://keybase.io/eisveen) on keybase.
- I have a public key ASAKyHkeQcyc7sK43WRWCStrJglOrERg5C8IJUWzdrA-xwo
To claim this, I am signing this object:
# This is a super **SIMPLE** example of how to create a very basic powershell webserver | |
# 2019-05-18 UPDATE — Created by me and and evalued by @jakobii and the comunity. | |
# Http Server | |
$http = [System.Net.HttpListener]::new() | |
# Hostname and port to listen on | |
$http.Prefixes.Add("http://localhost:8080/") | |
# Start the Http Server |
using System; | |
using System.Collections.Generic; | |
using System.Diagnostics; | |
using System.IO; | |
using System.Linq; | |
using System.Text; | |
namespace MuteSysmon | |
{ | |
class Program |
I hereby claim:
To claim this, I am signing this object:
This is a variation of the technique originally discovered by subtee
and described here
TL;DR It essentially allows you to turn any .NET application into a lolbin by providing a configuration file and specifying the <appDomainManagerAssembly>
element pointing to a specially crafted .NET assembly which executes when the application is loaded.
This variation allows you to load the AppDomainManager
assembly from a UNC path or HTTP(s) server. Also disables ETW thanks to the <etwEnable>
element :)
C:\Test
. Lets use aspnet_compiler.exe
as an exampletest.cs
to test.dll
with a signed strong name, this is required to load an assembly outside of a .NET applications base directory.test.dll
on a remote SMB or HTTP(S) serverpackage main | |
/* | |
Example Go program with multiple .NET Binaries embedded | |
This requires packr (https://github.com/gobuffalo/packr) and the utility. Install with: | |
$ go get -u github.com/gobuffalo/packr/packr | |
Place all your EXEs are in a "binaries" folder |
## A few tools for working with Azure OAuth2 Authentication Codes and access_tokens | |
## By Beau Bullock @dafthack | |
Function Get-AzureAccessToken{ | |
Param | |
( | |
[Parameter(Position = 0, Mandatory = $false)] | |
[string] |
# | |
# TO-DO: set |DESTINATIONURL| below to be whatever you want e.g. www.google.com. Do not include "http(s)://" as a prefix. All matching requests will be sent to that url. Thanks @Meatballs__! | |
# | |
# Note this version requires Apache 2.4+ | |
# | |
# Save this file into something like /etc/apache2/redirect.rules. | |
# Then in your site's apache conf file (in /etc/apache2/sites-avaiable/), put this statement somewhere near the bottom | |
# | |
# Include /etc/apache2/redirect.rules | |
# |