Chris Wallace ImAnEnabler
trustedsec
/ gist:686057a1b8cdf3e580c57b211b263abe
Created
November 2, 2017 15:11
List of applications for code execution via legit binaries
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Rundll32.exe | |
| Regsvr32.exe | |
| Mshta.exe | |
| Msbuild.exe | |
| Cbd.exe | |
| Csc.exe | |
| Tracker.exe | |
| Ntsd.exe | |
| Bginfo.exe | |
| Kd.exe |
coldfusion39
/ deskey_to_ntlm.py
Last active
April 17, 2019 13:45
Retrieve the NTLM from a captured NetNTLMv1 session
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # Copyright (c) 2017, Brandan Geise [coldfusion] | |
| # | |
| # Permission is hereby granted, free of charge, to any person obtaining a copy | |
| # of this software and associated documentation files (the "Software"), to deal | |
| # in the Software without restriction, including without limitation the rights | |
| # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
| # copies of the Software, and to permit persons to whom the Software is | |
| # furnished to do so, subject to the following conditions: | |
| # |