This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### Keybase proof | |
I hereby claim: | |
* I am jgrunzweig on github. | |
* I am jgrunz (https://keybase.io/jgrunz) on keybase. | |
* I have a public key ASCT9na91k4AcGgP_0Ir3l4Fqf0VBAJ0oMNzF0eZh4SCTgo | |
To claim this, I am signing this object: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Download yara | |
https://github.com/virustotal/yara/releases/tag/v3.10.0 (or similar URL) | |
Install yara | |
./bootstrap.sh | |
./configure --enable-cuckoo --enable-magic --enable-dotnet | |
make | |
sudo make install |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function Install-Immunity($path) | |
{ | |
Write-Host "Installing Immunity" | |
Write-Host $path | |
$p = Start-Process $path | |
Sleep 5; | |
$wshell = New-Object -ComObject wscript.shell; | |
$wshell.AppActivate('Immunity Debugger Setup'); | |
$wshell.SendKeys('~'); | |
Sleep 5; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
require 'sinatra' | |
require 'net/scp' | |
get '/provision' do | |
file = 'CONFIGS!....txt' | |
f = File.new(file, 'w') | |
f.write(params[:ip]) | |
f.write('other stuff') | |
f.close | |
Net::SCP.upload!("remote.host.com", "username", file, "/remote/path", :ssh => { :password => "password" }) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
OPTION EXPLICIT | |
DIM CRLF, TAB | |
DIM strServer | |
DIM objWebService | |
DIM WebSvcObj | |
dim webID | |
dim DllName | |
dim strScriptMap |