Skip to content

Instantly share code, notes, and snippets.

View gabemarshall's full-sized avatar

Gabe Marshall gabemarshall

121 followers · 15 following
View GitHub Profile
@gabemarshall
gabemarshall / flare-install.ps1
Last active September 9, 2021 02:15
Modified version of the flare-vm installer to add a few additional installations
###########################################
#
# FLARE VM Installation Script
#
# To execute this script:
# 1) Open powershell window as administrator
# 2) Allow script execution by running command "Set-ExecutionPolicy Unrestricted"
# 3) Execute the script by running ".\install.ps1"
#
###########################################
@gabemarshall
gabemarshall / ProgIDs.txt
Created June 30, 2018 18:04 — forked from bohops/ProgIDs.txt
file
StaticMetafile
StaticDib
clsid
objref
ADODB.Command.6.0
ADODB.Parameter.6.0
ADODB.Connection.6.0
ADODB.Recordset.6.0
ADODB.Error.6.0
@gabemarshall
gabemarshall / naughty_strings.txt
Created May 17, 2018 15:43
Naughty Strings
# Modified version from https://github.com/minimaxir/big-list-of-naughty-strings
undefined
undef
null
NULL
(null)
nil
NIL
true
false
@gabemarshall
gabemarshall / screenshot.js
Created March 2, 2018 19:01
screenshot a website with puppeteer (headless chrome)
const puppeteer = require('puppeteer');
const argv = require('yargs').argv
if (argv.url && argv.filename){
(async () => {
const browser = await puppeteer.launch({headless: true, ignoreHTTPSErrors: true});
process.on("unhandledRejection", (reason, p) => {
console.error("Unhandled Rejection at: Promise", p, "reason:", reason);
browser.close();
});
@gabemarshall
gabemarshall / ActiveRecord Cheat Sheet v1
Created January 12, 2018 21:24 — forked from jessieay/ActiveRecord Cheat Sheet v1
Active Record cheat sheet with examples of queries I've needed most so far
ActiveRecord cheat sheet / EXAMPLES
INSTALL
=======
$ gem install activerecord
in GEMFILE: gem ‘activerecord’
REQUIRE
=======
require ‘active_record’
@gabemarshall
gabemarshall / jscript.ps1
Created January 3, 2018 15:30
Executing JScript from Powershell via .NET reflection
[Reflection.Assembly]::LoadWithPartialName('Microsoft.JScript');
$js = 'var js = new ActiveXObject("WScript.Shell");js.Run("calc");'
[Microsoft.JScript.Eval]::JScriptEvaluate($js,[Microsoft.JScript.Vsa.VsaEngine]::CreateEngine());
@gabemarshall
gabemarshall / fuzz.txt
Last active September 9, 2021 02:17
fuzz
"
%22
%2522
\u0022
%c0%a2
%E0%80%A2
%F0%80%80%A2
'
%27
%2527
@gabemarshall
gabemarshall / wayback.sh
Created August 23, 2017 17:53
Script to download results from the wayback machine, and do some ghetto parsing
#!/bin/bash
# Requires httpie and jq
#### Settings ####
read -p "What domain would you like to search the wayback machine for? " domain
http --download --output=$domain.json "https://web.archive.org/cdx/search?url=$domain%2F&matchType=prefix&collapse=urlkey&output=json&fl=original%2Cmimetype%2Ctimestamp%2Cendtimestamp%2Cgroupcount%2Cuniqcount&filter=!statuscode%3A%5B45%5D..&_=1498608272486"
cat $domain.json| jq '.[][]'| grep 'http'| grep -v -i -e '.js' -e '.gif' -e '.png' -e '.jpg' -e '.jpeg' -e '.css' | cut -d '"' -f2 > $domain".txt"
@gabemarshall
gabemarshall / rc4.js
Last active August 25, 2017 21:34 — forked from salipro4ever/rc4.js
/*
* RC4 symmetric cipher encryption/decryption
*
* @license Public Domain
* @param string key - secret key for encryption/decryption
* @param string str - string to be encrypted/decrypted
* @return string
*/
function rc4(key, str) {
var s = [], j = 0, x, res = '';
@gabemarshall
gabemarshall / test.sct
Created May 15, 2017 15:03
test.sct
<?XML version="1.0"?>
<scriptlet>
<registration
progid="ChangeMyNameToSomethingArbitrary"
classid="{F0001111-0000-0000-0000-0000FEEDACDC}" >
<script language="JScript">
<![CDATA[
var r = new ActiveXObject("WScript.Shell").Run("calc.exe",0);