Skip to content

Instantly share code, notes, and snippets.

nguyenl95

Block or report user

Report or block nguyenl95

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@joeyaiello
joeyaiello / brk3179_demos.ps1
Created Nov 22, 2019
BRK3179 - PowerShell 7 demo script
View brk3179_demos.ps1
# These are the demos I delivered at Ignite for BRK3179 - PowerShell 7
# Not all of them are intended be run as-is, as they may require some dependency
# or be intended to showcase a more complex point (e.g. the AzVM example on &&)
# Those that were executed in the presentation were run with 7.0-preview.5 on the latest Windows 10
#region ETW Provider Definitions
$Providers = @("OAlerts","PowerShellCore/Operational","Microsoft-Windows-WMI-Activity/Operational","Microsoft-Windows-WLAN-AutoConfig/Operational","Microsoft-Windows-Wired-AutoConfig/Operational","Microsoft-Windows-WinRM/Operational","Microsoft-Windows-Winlogon/Operational","Microsoft-Windows-WinINet-Config/ProxyConfigChanged","Microsoft-Windows-WindowsUpdateClient/Operational","Microsoft-Windows-WindowsSystemAssessmentTool/Operational","Microsoft-Windows-Windows Firewall With Advanced Security/Firewall","Microsoft-Windows-Windows Defender/Operational","Microsoft-Windows-WFP/Operational","Microsoft-Windows-WebAuthN/Operational","Microsoft-Windows-W
View a8f5b757d2111927731c2c4730ca97a9d4f2c2b6eb9cd80bbb3ff33168bfd740.bas
olevba 0.54.2 on Python 3.7.3 - http://decalage.info/python/oletools
===============================================================================
FILE: a8f5b757d2111927731c2c4730ca97a9d4f2c2b6eb9cd80bbb3ff33168bfd740
Type: OpenXML
-------------------------------------------------------------------------------
VBA MACRO ThisWorkbook.cls
in file: xl/vbaProject.bin - OLE stream: 'VBA/ThisWorkbook'
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(empty macro)
-------------------------------------------------------------------------------
View 0c30d700b131246e302ff3da1c4180d21f4650db072e287d1b9d477fe88d312f
## uploaded by @JohnLaTwC
https://www.virustotal.com/en/file/0c30d700b131246e302ff3da1c4180d21f4650db072e287d1b9d477fe88d312f/analysis/
https://docs.microsoft.com/en-us/windows/desktop/api/wininet/nf-wininet-internetconnecta
void InternetConnectA(
HINTERNET hInternet,
LPCSTR lpszServerName,
INTERNET_PORT nServerPort,
LPCSTR lpszUserName,
LPCSTR lpszPassword,
DWORD dwService,
@leoloobeek
leoloobeek / JScriptToDotnet.js
Created Nov 28, 2018
Sample Extract Payload DotNetToJScript
View JScriptToDotnet.js
//Base64 Raw Decoder
function Base64Decode(str) {
if (!(/^[a-z0-9+/]+={0,2}$/i.test(str)) || str.length%4 != 0) throw Error('Not base64 string');
var b64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
var o1, o2, o3, h1, h2, h3, h4, bits, d=[];
for (var c=0; c<str.length; c+=4) { // unpack four hexets into three octets
@netbiosX
netbiosX / pentestlab-dll.inf
Created May 7, 2018
CMSTP - Arbitrary DLL execution locally and remotely and SCT for AppLocker Bypass
View pentestlab-dll.inf
[version]
Signature=$chicago$
AdvancedINF=2.5
[DefaultInstall_SingleUser]
RegisterOCXs=RegisterOCXSection
[RegisterOCXSection]
C:\Users\test.PENTESTLAB\pentestlab.dll
@cizixs
cizixs / Netfilter-IPTables-Diagrams.md
Created Apr 17, 2018 — forked from nerdalert/Netfilter-IPTables-Diagrams.md
Linux NetFilter, IP Tables and Conntrack Diagrams
View Netfilter-IPTables-Diagrams.md

Linux NetFilter, IP Tables and Conntrack Diagrams

IPTABLES TABLES and CHAINS

IPTables has the following 4 built-in tables.

1) Filter Table

Filter is default table for iptables. So, if you don’t define you own table, you’ll be using filter table. Iptables’s filter table has the following built-in chains.

View cmstp.inf
;cmstp.exe /s cmstp.inf
[version]
Signature=$chicago$
AdvancedINF=2.5
[DefaultInstall_SingleUser]
UnRegisterOCXs=UnRegisterOCXSection
[UnRegisterOCXSection]
@herrcore
herrcore / ida_memdump.py
Created Nov 13, 2017
Dump a blob of memory into a file - IDA Pro script
View ida_memdump.py
import idautils
import idaapi
def memdump(ea, size, file):
data = idc.GetManyBytes(ea, size)
with open(file, "wb") as fp:
fp.write(data)
print "Memdump Success!"
@Geoyi
Geoyi / install virtualenv ubuntu 16.04.md
Created Sep 16, 2017 — forked from frfahim/install virtualenv ubuntu 16.04.md
How to install virtual environment on ubuntu 16.04
View install virtualenv ubuntu 16.04.md

How to install virtualenv:

Install pip first

sudo apt-get install python3-pip

Then install virtualenv using pip3

sudo pip3 install virtualenv 
View WEvade-x64
using System;
using System.Text;
using System.Text.RegularExpressions;
using System.Management.Automation.Runspaces;
using System.Runtime.InteropServices;
using System.Net;
using RGiesecke.DllExport;
namespace Export
{
You can’t perform that action at this time.