Skip to content

Instantly share code, notes, and snippets.

Manas Bellani manasmbellani

Block or report user

Report or block manasmbellani

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View Invoke-WSResetBypass.ps1
<#
.SYNOPSIS
Fileless UAC Bypass by Abusing Shell API
Author: Hashim Jawad of ACTIVELabs
.PARAMETER Command
Specifies the command you would like to run in high integrity context.
.EXAMPLE
View get_webpage_via_selenium.py
#!/usr/bin/python3
import argparse
import subprocess
import shlex
import time
parser = argparse.ArgumentParser(description=("Parse links from webpage called from Selenium. This requires that the chrome driver and the chrome browser are both installed already and located in a trusted path"))
parser.add_argument("-u", "--url", action="store", dest="url",
help="URL to call", required=True)
parser.add_argument("-l", "--headless", action="store_true",
@manasmbellani
manasmbellani / compare-lists.py
Created Feb 27, 2019
compare-lists.py - Compares 2 lists aka items that appear in one list but do not show up in the second list
View compare-lists.py
#!/usr/bin/env python3
import os
import sys
import argparse
parser = argparse.ArgumentParser(description="Compare 2 lists - Finds items in list1, not present in list2")
parser.add_argument("-l1", "--list1", dest="list1", action="store", required=True,
help="list1")
parser.add_argument("-l2", "--list2", dest="list2", action="store", required=True,
help="list2")
@manasmbellani
manasmbellani / ffmpeg_extract_audio_between_times.sh
Last active Feb 22, 2019
ffmpeg_extract_audio_between_times.sh - Extract audio/video between times via ffmpeg
View ffmpeg_extract_audio_between_times.sh
#!/bin/bash
if [ $# -lt 3 ]; then
echo "[-] $0 $action <in-video-audio-file> <start-time-as-HH:MM:SS> <end-time-as-HH:MM:SS/num_seconds> [out-file]"
exit
fi
in_audio_file="$1"
start_time="$2"
end_time_num_seconds="$3"
if [ -z "$out_file" ]; then
@manasmbellani
manasmbellani / ffmpeg_extract_audio_from_video.sh
Created Feb 16, 2019
ffmpeg_extract_audio_from_video.sh - Extracts audio from video files by running ffmpeg
View ffmpeg_extract_audio_from_video.sh
#!/bin/bash
DEFAULT_OUTPUT_FOLDER="out-audio-files"
if [ $# -lt 1 ]; then
echo "[-] $0 <folder/file-to-get-audio-from> [out-folder]"
echo
echo "Description: "
echo "This script converts a single file and outputs the file into an output folder"
echo "This script has been written for MacOS X only"
echo
echo "Arguments:"
@manasmbellani
manasmbellani / submit_urls_to_virustotal.sh
Created Feb 15, 2019
./submit_urls_to_virustotal.sh - Submits URLs to Virustotal for scanning
View submit_urls_to_virustotal.sh
#!/bin/bash
# in seconds time gap between individual requests to VT due to API limits
DEFAULT_TIME_GAP=30
USER_AGENT="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36"
DEFAULT_OUT_FILE="out-vt-scan.csv"
DELIMITER="|"
if [ $# -lt 2 ]; then
echo "[-] $0 <virustotal-api-key> <url-to-scan/file-to-scan> [out-file] [timegap]"
@manasmbellani
manasmbellani / slack_get_messages_from_channel.py
Created Feb 15, 2019
slack_get_messages_from_channel.py - Gets messages from slack channel with various filters individually or combined e.g. get last 50 messages from a channel, posted by user X, over last 2 days
View slack_get_messages_from_channel.py
#!/usr/bin/env python3
NUM_SECS_IN_DAY=86400
import json
import time
from datetime import datetime
from argparse import ArgumentParser
from slackclient import SlackClient
parser = ArgumentParser(description="Read messages from the specified slack channel")
@manasmbellani
manasmbellani / resync_time_via_google_website.py
Last active Feb 25, 2019
Resync time using the headers from the Google Website.
View resync_time_via_google_website.py
#!/usr/bin/python3
import requests
import subprocess
import shlex
def exec_cmd(cmd):
subprocess.Popen(shlex.split(cmd))
print("[*] Calling Google website to get headers ")
resp = requests.get("http://www.google.com")
@manasmbellani
manasmbellani / argument_spoofing.cpp
Last active Feb 16, 2019
Modified version of the argument spoofing to execute arbitrary commands - based on the script by XPN @ https://gist.github.com/xpn/1c51c2bfe19d33c169fe0431770f3020#file-argument_spoofing-cpp. Compile the script using bash file which will write the output to a file called 'argument_spoofing_new.exe'. Escape backslash when specifying commands as a…
View argument_spoofing.cpp
#include <iostream>
#include <windows.h>
#include <winternl.h>
#define CMD_TO_SHOW "powershell.exe -NoExit -c Write-Host 'This is just a friendly argument, nothing to see here'"
#define CMD_TO_EXEC L"powershell.exe -NoExit -c Write-Host Surprise, arguments spoofed\0"
typedef NTSTATUS(*NtQueryInformationProcess2)(
IN HANDLE,
IN PROCESSINFOCLASS,
You can’t perform that action at this time.