This list is no longer updated, thus the information is no longer reliable.
You can see the latest version (from october 2022) here
blotus
/ log4j_exploitation_attempts_crowdsec.md
Last active
December 29, 2023 12:24
IPs exploiting the log4j2 CVE-2021-44228 detected by the crowdsec community
mark05e
/ DriveClean.ps1
Last active
July 11, 2024 22:59
— forked from pmsmith/DriveClean.ps1
Simple script to clear temp files and browser cache/history
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #------------------------------------------------------------------# | |
| #- Clear-GlobalWindowsCache # | |
| #------------------------------------------------------------------# | |
| Function Clear-GlobalWindowsCache { | |
| Remove-CacheFiles 'C:\Windows\Temp' | |
| Remove-CacheFiles "C:\`$Recycle.Bin" | |
| Remove-CacheFiles "C:\Windows\Prefetch" | |
| C:\Windows\System32\rundll32.exe InetCpl.cpl, ClearMyTracksByProcess 255 | |
| C:\Windows\System32\rundll32.exe InetCpl.cpl, ClearMyTracksByProcess 4351 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import time | |
| import sys | |
| from base64 import b64encode | |
| from requests_ntlm2 import HttpNtlmAuth | |
| from urllib3.exceptions import InsecureRequestWarning | |
| from urllib import quote_plus | |
| requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning) |
Debian or Kali Linux installed to as KVM (libvirtd) guests do not automatically have qemu-guest-agent or spice-vdagent installed. This will prevent seamless movement of the mouse cursor between the guest and host desktop in Virtual Machine Manager (requiring the use of a Ctrl-Alt to release the cursor from the guest window).
To cure this, install both qemu-guest-agent and spice-vdagent on each guest and reboot (the guests).
$ sudo apt install qemu-guest-agent
$ sudo apt install spice-vdagent
api0cradle
/ akagi_41.c
Created
August 16, 2017 07:14
— forked from hfiref0x/akagi_41.c
UAC bypass using CMSTPLUA COM interface
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| typedef interface ICMLuaUtil ICMLuaUtil; | |
| typedef struct ICMLuaUtilVtbl { | |
| BEGIN_INTERFACE | |
| HRESULT(STDMETHODCALLTYPE *QueryInterface)( | |
| __RPC__in ICMLuaUtil * This, | |
| __RPC__in REFIID riid, | |
| _COM_Outptr_ void **ppvObject); |
jaredcatkinson
/ Get-InjectedThread.ps1
Last active
July 1, 2024 08:32
Code from "Taking Hunting to the Next Level: Hunting in Memory" presentation at SANS Threat Hunting Summit 2017 by Jared Atkinson and Joe Desimone
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Get-InjectedThread | |
| { | |
| <# | |
| .SYNOPSIS | |
| Looks for threads that were created as a result of code injection. | |
| .DESCRIPTION | |
meldridge
/ how-to-oscp-final.md
Last active
April 12, 2024 02:06
— forked from unfo/how-to-oscp-final.md
How to pass the OSCP
UPDATE: Excellent resource here: https://scund00r.com/all/oscp/2018/02/25/passing-oscp.html
- Recon
- Find vuln
- Exploit
- Escalate
- Document it