Install Deno, see https://deno.land/manual/getting_started/installation
Run ./sfz2sf.sh with the path of the SingleFileZ page as first parameter
r00t-3xp10it
/ WindowsUpdateLog.ps1
Last active
July 21, 2023 23:45
Convert ETL logfiles into readable data
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .SYNOPSIS | |
| Convert ETL logfiles into readable data | |
| Author: @r00t-3xp10it (ssa redteam) | |
| Tested Under: Windows 10 (19043) x64 bits | |
| Required Dependencies: Get-WindowsUpdateLog {native} | |
| Optional Dependencies: none | |
| PS cmdlet Dev version: v1.1.8 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .SYNOPSIS | |
| List DLLs loaded by running processes! | |
| Author: @r00t-3xp10it | |
| Tested Under: Windows 10 (19043) x64 bits | |
| Required Dependencies: Get-Process {native} | |
| Optional Dependencies: none | |
| PS cmdlet Dev version: v1.0.3 |
gildas-lormeau
/ README.MD
Last active
August 31, 2024 23:36
CLI to transform a SingleFileZ page into a SingleFile page
jdgregson
/ block-these.txt
Last active
September 26, 2022 06:44
Filetypes to block - Files with these extensions should be blocked at email gateways (but you probably don't want to block docx, elxs, etc.)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| accdb | |
| accde | |
| ace | |
| ade | |
| adp | |
| ani | |
| apk | |
| app | |
| appcontent-ms | |
| appinstaller |
OlivierLaflamme
/ kiosk_escape.html
Created
April 22, 2022 16:43
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <script> | |
| bb = new MSBlobBuilder(); | |
| bb.append("test data 2"); | |
| window.navigator.msSaveOrOpenBlob(bb.getBlob(),"testing2.txt"); | |
| </script> |
r00t-3xp10it
/ C2Prank.ps1
Last active
October 13, 2022 01:00
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .SYNOPSIS | |
| Powershell Fake BSOD Prank | |
| Author: @r00t-3xp10it (ssa redteam) | |
| Tested Under: Windows 10 (19043) x64 bits | |
| Required Dependencies: IWR, Media.SoundPlayer {native} | |
| Optional Dependencies: Critical.wav {auto-download} | |
| PS cmdlet Dev version: v1.2.10 |
r00t-3xp10it
/ GetCounterMeasures.ps1
Last active
July 20, 2024 23:05
List common security processes running!
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .SYNOPSIS | |
| List common security processes running! | |
| Author: @r00t-3xp10it (ssa redteam) | |
| Tested Under: Windows 10 (19043) x64 bits | |
| Required Dependencies: Get-WmiObject, Get-Process {native} | |
| Optional Dependencies: Get-MpPreference, Get-ChildItem {native} | |
| PS cmdlet Dev version: v2.3.18 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //original runner by @Arno0x: https://github.com/Arno0x/CSharpScripts/blob/master/shellcodeLauncher.cs | |
| using System; | |
| using System.Runtime.InteropServices; | |
| using System.Reflection; | |
| using System.Reflection.Emit; | |
| namespace ShellcodeLoader | |
| { | |
| class Program |
mozziemozz
/ SyncOutlookContactsToTeamsContacts.ps1
Last active
April 8, 2023 06:55
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $teamsRegion = Read-Host "Enter your Teams region. E.g. 'emea'" | |
| function Get-UserToken { | |
| param ( | |
| ) | |
| # Tenant name or id | |
| $tenantName = Read-Host "Enter your primary M365 domain or *.onmicrosoft.com name." | |
| Add-Type -AssemblyName System.Web |
r00t-3xp10it
/ Invoke-Bypass.ps1
Last active
May 6, 2025 11:51
Disable AMS1 string scanning within curent process.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .SYNOPSIS | |
| Disable AMS1 within current process. | |
| Author: @r00t-3xp10it | |
| Tested Under: Windows 10 (19044) x64 bits | |
| Required Dependencies: Assembly {native} | |
| Optional Dependencies: IWR {native} | |
| PS cmdlet Dev version: v1.1.12 |