Skip to content

Instantly share code, notes, and snippets.

@am0nsec
am0nsec / Update_Notes.md
Created Jul 22, 2019
You have found THE coolest gist :) Come to DerbyCon to learn more. Loading .NET Assemblies into Script Hosts - Abusing System32||SysWow64\Tasks writable property
View Update_Notes.md

Using Hard Links to point back to attacker controlled location.

mklink /h C:\Windows\System32\Tasks\tasks.dll C:\Tools\Tasks.dll
Hardlink created for C:\Windows\System32\Tasks\tasks.dll <<===>> C:\Tools\Tasks.dll

This can redirect the search to an arbitrary location and evade tools that are looking for filemods in a particular location.

xref: https://googleprojectzero.blogspot.com/2015/12/between-rock-and-hard-link.html

View screen_cheatsheet.markdown

Screen Quick Reference

Basic

Description Command
Start a new session with session name screen -S <session_name>
List running sessions / screens screen -ls
Attach to a running session screen -x
Attach to a running session with name screen -r <session_name>
View safari-reaper.html
<!DOCTYPE html>
<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style>
body {
background: repeat url('data:image/jpeg;base64,/9j/4AAQSkZJRgABAQEASABIAAD/7QCIUGhvdG9zaG9wIDMuMAA4QklNBAQAAAAAAGscAVoAAxslRxwCAAACAAAcAnQAV8KpIENoYWV5b3VuZ1dpbGxOZXZlckNoYWVvbGQgLSBodHRwOi8vd3d3LnJlZGJ1YmJsZS5jb20vcGVvcGxlL0NoYWV5b3VuZ1dpbGxOZXZlckNoYWVvbAD/4gxYSUNDX1BST0ZJTEUAAQEAAAxITGlubwIQAABtbnRyUkdCIFhZWiAHzgACAAkABgAxAABhY3NwTVNGVAAAAABJRUMgc1JHQgAAAAAAAAAAAAAAAAAA9tYAAQAAAADTLUhQICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABFjcHJ0AAABUAAAADNkZXNjAAABhAAAAGx3dHB0AAAB8AAAABRia3B0AAACBAAAABRyWFlaAAACGAAAABRnWFlaAAACLAAAABRiWFlaAAACQAAAABRkbW5kAAACVAAAAHBkbWRkAAACxAAAAIh2dWVkAAADTAAAAIZ2aWV3AAAD1AAAACRsdW1pAAAD+AAAABRtZWFzAAAEDAAAACR0ZWNoAAAEMAAAAAxyVFJDAAAEPAAACAxnVFJDAAAEPAAACAxiVFJDAAAEPAAACAx0ZXh0AAAAAENvcHlyaWdodCAoYykgMTk5OCBIZXdsZXR0LVBhY2thcmQgQ29tcGFueQAAZGVzYwAAAAAAAAASc1JHQiBJRUM2MTk2Ni0yLjEAAAAAAAAAAAAAABJzUkdCIElFQzYxOTY2LTIuMQAAAAAAAA
@netbiosX
netbiosX / FodhelperUACBypass.ps1
Last active Oct 7, 2020
Bypass UAC via Fodhelper binary in Windows 10 systems
View FodhelperUACBypass.ps1
<#
.SYNOPSIS
This script can bypass User Access Control (UAC) via fodhelper.exe
 
It creates a new registry structure in: "HKCU:\Software\Classes\ms-settings\" to perform UAC bypass and starts
an elevated command prompt.
 
.NOTES
Function : FodhelperUACBypass
File Name : FodhelperUACBypass.ps1
@nullbind
nullbind / SQL Server Connection Strings CheatSheet
Last active Nov 20, 2019
SQL Server Connection Strings CheatSheet
View SQL Server Connection Strings CheatSheet
Below is a cheatsheet for creating SQL Server client connection strings and finding them in common configuration files.
------------------------------------------------------------------
CREATING CONNECTION STRINGS
------------------------------------------------------------------
----------------------
Authentication Options
----------------------
@tzmartin
tzmartin / embedded-file-viewer.md
Last active Oct 22, 2020
Embedded File Viewer: Google Drive, OneDrive
View embedded-file-viewer.md

Office Web Apps Viewer

('.ppt' '.pptx' '.doc', '.docx', '.xls', '.xlsx')

http://view.officeapps.live.com/op/view.aspx?src=[OFFICE_FILE_URL]

<iframe src='https://view.officeapps.live.com/op/embed.aspx?src=[OFFICE_FILE_URL]' width='px' height='px' frameborder='0'>
</iframe>

OneDrive Embed Links

@bhauman
bhauman / README.md
Last active Dec 3, 2019
ClojureScript minimal dev and prod setup.
View README.md

Recent improvements to the ClojureScript compiler have greatly simplified setting up development versus production outputs.

This example uses Figwheel as something that you want to exclude for production, but the pattern is general.

With this simple setup you only need one html file/view and it will work for developement and production.

View screen_cheatsheet.markdown

Screen Quick Reference

Basic

Description Command
Start a new session with session name screen -S <session_name>
List running sessions / screens screen -ls
Attach to a running session screen -x
Attach to a running session with name screen -r <session_name>
@GaelVaroquaux
GaelVaroquaux / mutual_info.py
Last active Oct 27, 2020
Estimating entropy and mutual information with scikit-learn
View mutual_info.py
'''
Non-parametric computation of entropy and mutual-information
Adapted by G Varoquaux for code created by R Brette, itself
from several papers (see in the code).
These computations rely on nearest-neighbor statistics
'''
import numpy as np
@omangin
omangin / nmf_kl.py
Last active Aug 9, 2019
Non-negative matrix factorization for I divergence
View nmf_kl.py
""" Non-negative matrix factorization for I divergence
This code was implements Lee and Seung's multiplicative updates algorithm
for NMF with I divergence cost.
Lee D. D., Seung H. S., Learning the parts of objects by non-negative
matrix factorization. Nature, 1999
"""
# Author: Olivier Mangin <olivier.mangin@inria.fr>
You can’t perform that action at this time.