colinrubbert

/**
 * RuntimeGlobalsChecker
 *
 * You can use this utility to quickly check what variables have been added (or
 * leaked) to the global window object at runtime (by JavaScript code).
 * By running this code, the globals checker itself is attached as a singleton
 * to the window object as "__runtimeGlobalsChecker__".
 * You can check the runtime globals programmatically at any time by invoking
 * "window.__runtimeGlobalsChecker__.getRuntimeGlobals()".
 *

kafkaesqu3

/_windows/default.aspx?ReturnUrl=/
/abs
/abs/
/adfs/ls
/adfs/ls/wia
/adfs/services/trust/13/windows
/adfs/services/trust/13/windowsmixed
/adfs/services/trust/13/windowstransport
/adfs/services/trust/2005/windows
/adfs/services/trust/2005/windowsmixed

med0x2e

Steps:

1- apt-get install mono-complete     
2- apt-get install wine winetricks -y
3- winetricks dotnet35  
4- winetricks dotnet48 
5- dpkg --add-architecture i386 && apt-get update && apt-get install wine32
6- rm -Rf ~/.wine
7- WINEPREFIX=~/.wine32 WINEARCH=win32 wineboot
8- wine GadgetToJScript.NET3.5.exe -r -c helloworld.cs -d System.Windows.Forms.dll -w hta -o hello

Flangvik

using System;
using System.Diagnostics;
using System.IO;
using System.Runtime.InteropServices;


namespace InjectionTest
{
    public class DELEGATES
    {

rxwx

import re
import sys

versions = {
    0x00: 'Excel 97',
    0x01: 'Excel 2000',
    0x02: 'Excel 2002',
    0x03: 'Office Excel 2003',
    0x04: 'Office Excel 2007',
    0x06: 'Excel 2010',

khr0x40sh

Param([string]$string = "C:\windows\syswow64\windowspowershell\v1.0\powershell.exe -exec Bypass -nop ping 127.0.0.1"
);

$result = ""
$strA = $string.ToCharArray()
for($i = 0; $i -lt $strA.Length; $i++)
{
    $x = [byte]$strA[$i]
    $result += "Chr  (" + $x.ToString() + ") & "
}

xpn

#include "stdafx.h"

int main()
{
	ICLRMetaHost *metaHost = NULL;
	IEnumUnknown *runtime = NULL;
	ICLRRuntimeInfo *runtimeInfo = NULL;
	ICLRRuntimeHost *runtimeHost = NULL;
	IUnknown *enumRuntime = NULL;
	LPWSTR frameworkName = NULL;

curi0usJack

	# 
	# TO-DO: set |DESTINATIONURL| below to be whatever you want e.g. www.google.com. Do not include "http(s)://" as a prefix. All matching requests will be sent to that url. Thanks @Meatballs__!
	#
	# Note this version requires Apache 2.4+
	#
	# Save this file into something like /etc/apache2/redirect.rules.
	# Then in your site's apache conf file (in /etc/apache2/sites-avaiable/), put this statement somewhere near the bottom
	# 
	# Include /etc/apache2/redirect.rules
	#

NickTyrer

#r @"C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll"

open System.Management.Automation
open System.Management.Automation.Runspaces
open System

let runSpace = RunspaceFactory.CreateRunspace()
runSpace.Open()
let pipeline = runSpace.CreatePipeline()

bsweger

Useful Pandas Snippets

A personal diary of DataFrame munging over the years.

Data Types and Conversion

Convert Series datatype to numeric (will error if column has non-numeric values)
(h/t @makmanalp)