Skip to content

Instantly share code, notes, and snippets.

View joeminicucci's full-sized avatar

m1n1 joeminicucci

43 followers · 58 following
View GitHub Profile
@mgeeky
mgeeky / Various-Macro-Based-RCEs.md
Last active January 14, 2024 16:43
Various Visual Basic Macros-based Remote Code Execution techniques to get your meterpreter invoked on the infected machine.

This is a note for myself describing various Visual Basic macros construction strategies that could be used for remote code execution via malicious Document vector. Nothing new or fancy here, just a list of techniques, tools and scripts collected in one place for a quick glimpse of an eye before setting a payload.

All of the below examples had been generated for using as a remote address: 192.168.56.101.

List:

  1. Page substiution macro for luring user to click Enable Content
  2. The Unicorn Powershell based payload
@brainstorm
brainstorm / esp32_promisc.c
Last active July 26, 2023 19:18
esp32 promiscuous mode and packet injection experiments
// Espressif ESP32 promiscuous mode and packet injection experiments
// by brainstorm at nopcode org
#include "freertos/FreeRTOS.h"
#include "esp_wifi.h"
#include "esp_wifi_internal.h"
#include "lwip/err.h"
#include "esp_system.h"
#include "esp_event.h"
#include "esp_event_loop.h"
@monoxgas
monoxgas / Rulz.py
Created October 14, 2015 17:31
#!/usr/bin/env python
# Rulz.py
# Author: Nick Landers (@monoxgas) - Silent Break Security
import os
import sys
import argparse
import re
import binascii
import codecs
@byt3bl33d3r
byt3bl33d3r / raw2ps_shellcode.py
Created September 13, 2015 12:12
Converts raw shellcode to a PowerShell compatible byte array (helpful when using custom shellcode with Invoke-Shellcode.ps1)
import sys
ps_shellcode = '@('
with open(sys.argv[1], 'rb') as shellcode:
byte = shellcode.read(1)
while byte != '':
ps_shellcode += '0x{}, '.format(byte.encode('hex'))
byte = shellcode.read(1)
@yoshikischmitz
yoshikischmitz / 0_readme.md
Last active December 22, 2020 22:34
Chinese Example Sentence Scripts

Scripts for preparing a full-text-search sqlite database from an english-chinese parallel corpus

These scripts were written to prepare the FTS database for use in Otacon507's Chinese Example sentences plugin: https://github.com/otacon507/zh-examples

The database importer will hopefully be rewritten in python and integrated into the above repo so end-users can easily create their own databases. I originally used Dr. Xian Qian's 2MParallelCorpus(https://github.com/qxred/2MParallelCorpus). Please note that though this data is of a generally high quality, it does contain some instances of non-English/non-Chinese sentences(est. 3000+ using langid), ~900+ html fragments, and an unknown amount of nonsense sentence fragments(but probably not too many).

Regarding the nonsense sentence fragments, we partially avoided this issue in the plugin by sorting results by their sentence length's distance from the average length of the result set. This is accomplished in two queries:

// pseudocode:

@brianbolger
brianbolger / gist:2007169
Created March 9, 2012 15:45
Check a list of machines for PowerShell remoting access
function CheckMachineForRemoteAccess()
{
$enabled
$session
try
{
$ErrorActionPreference = 'SilentlyContinue'
$session = New-PSSession -ComputerName $_
$enabled = $session.Availability