This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
//Thanks @Arno0x: https://github.com/Arno0x/CSharpScripts/blob/master/shellcodeLauncher.cs | |
using System; | |
using System.Runtime.InteropServices; | |
namespace ShellcodeLoader | |
{ | |
class Program | |
{ | |
static void Main(string[] args) | |
{ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import frida | |
import sys | |
def on_message(message, data): | |
if message['type'] == 'send': | |
print(message['payload']) | |
elif message['type'] == 'error': | |
print(message['stack']) | |
else: | |
print(message) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
//Thanks @Arno0x: https://github.com/Arno0x/CSharpScripts/blob/master/shellcodeLauncher.cs | |
using System; | |
using System.Runtime.InteropServices; | |
namespace ShellcodeLoader | |
{ | |
class Program | |
{ | |
static void Main(string[] args) | |
{ |
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#@author matterpreter | |
#@category | |
#@keybinding | |
#@menupath | |
#@toolbar | |
### | |
# To import to Neo4j: | |
# CREATE CONSTRAINT function_name ON (n:Function) ASSERT n.name IS UNIQUE | |
# |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.Collections.Generic; | |
using System.IO; | |
using System.Linq; | |
using System.Management; | |
namespace ComAbandonment | |
{ | |
public class ComAbandonment | |
{ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.Runtime.InteropServices; | |
public static void SetTokenPrivilege(ref IntPtr hToken, string privName) | |
{ | |
Console.WriteLine("[*] Adding {0} to token", privName); | |
LUID luid = new LUID(); | |
if (!LookupPrivilegeValue(null, privName, ref luid)) | |
{ | |
Console.WriteLine("[-] LookupPrivilegeValue failed!"); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.Diagnostics; | |
using System.Runtime.InteropServices; | |
namespace UnkillableTest | |
{ | |
class Program | |
{ | |
[DllImport("ntdll.dll", SetLastError = true)] | |
private static extern void RtlSetProcessIsCritical(uint bNew, uint pbOld, uint bNeedScb); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.Collections.Concurrent; | |
using System.Collections.Generic; | |
using System.Diagnostics; | |
using System.IO; | |
using System.Linq; | |
using System.Threading.Tasks; | |
using PeNet; | |
using PeNet.Header.Pe; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
0: kd> dt -b nt!_IRP | |
+0x000 Type : Int2B | |
+0x002 Size : Uint2B | |
+0x004 AllocationProcessorNumber : Uint2B | |
+0x006 Reserved : Uint2B | |
+0x008 MdlAddress : Ptr64 | |
+0x010 Flags : Uint4B | |
+0x018 AssociatedIrp : <anonymous-tag> | |
+0x000 MasterIrp : Ptr64 | |
+0x000 IrpCount : Int4B |
NewerOlder