This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" | |
xmlns:msxsl="urn:schemas-microsoft-com:xslt" | |
xmlns:u="urn:my-scripts"> | |
<!-- | |
'<a/>' > blah.txt | |
$xslt = New-Object System.Xml.Xsl.XslTransform | |
$xslt.Load("$pwd\JankyAF.xsl"); | |
$xslt.Transform("$pwd\blah.txt","$pwd\blah.txt") | |
--> | |
<msxsl:script language="C#" implements-prefix="u"> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<# | |
$owners = @{} | |
gwmi win32_process |% {$owners[$_.handle] = $_.getowner().user} | |
get-process | select processname,Id,@{l="Owner";e={$owners[$_.id.tostring()]}} | |
#> | |
#Simple powershell/C# to spawn a process under a different parent process | |
#Launch PowerShell As Administrator |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.Diagnostics; | |
using System.Runtime.InteropServices; | |
using System.Text; | |
public class TestClass | |
{ | |
public TestClass() | |
{} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?xml version='1.0'?> | |
<data> | |
<circle> | |
<radius>12</radius> | |
</circle> | |
<circle> | |
<radius>37.5</radius> | |
</circle> | |
</data> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.Diagnostics; | |
using System.Reflection; | |
using System.Configuration.Install; | |
using System.Runtime.InteropServices; | |
/* | |
Author: Casey Smith, Twitter: @subTee |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Verify Not Present | |
( Get-ChildItem Cert:\CurrentUser\Root | Where-Object {$_.Subject -match "__Interceptor_Trusted_Root" }) | |
#Import-Certificate | |
( Get-ChildItem -Path C:\Test\thing.cer ) | Import-Certificate -CertStoreLocation cert:\CurrentUser\Root | |
#Prompted | |
Remove-Item -Path cert:\CurrentUser\Root\5C205339AE9FA846FA99D3FFF0CDEE65EB8D8E99 | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Windows Registry Editor Version 5.00 | |
[HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam.1.00] | |
@="AtomicRedTeam" | |
[HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam.1.00\CLSID] | |
@="{00000001-0000-0000-0000-0000FEEDACDC}" | |
[HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam] | |
@="AtomicRedTeam" | |
[HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam\CLSID] | |
@="{00000001-0000-0000-0000-0000FEEDACDC}" | |
[HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{00000001-0000-0000-0000-0000FEEDACDC}] |
NewerOlder