' From <http://www.cpearson.com/excel/recycle.aspx>
' VBA provides the Kill method, but that bypasses the recycle bin.
'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' Windows API functions, constants, and types.
'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
Private Declare Function SHFileOperation Lib "shell32.dll" Alias _
"SHFileOperationA" (lpFileOp As SHFILEOPSTRUCT) As Long
Private Declare Function PathIsNetworkPath Lib "shlwapi.dll" _

; ---------------------------------------------------------------------------
; File Name : C:\Users\gho\Desktop\fbi-sc.bin
; Gareth Owen, University of Portsmouth
; Load in Notepad++ for syntax highlighting
pusha
cld ; direction flag clear for string ops
call start ; ebp=locate
; ebp also used as position independent data pointer ebp[offset]

upstream uwsgi {
    ip_hash;
    server 127.0.0.1:40000;
}
server {
    listen 80;
    server_name www.domain.com;
    root /sites/mysite/;
    access_log /sites/mysite/log/nginx/access.log;

# These are the demos I delivered at Ignite for BRK3179 - PowerShell 7
# Not all of them are intended to be run as-is, as they may require some dependency
# or be intended to showcase a more complex point (e.g. the AzVM example on &&)
# Those that were executed in the presentation were run with 7.0-preview.5 on the latest Windows 10
#region ETW Provider Definitions
$Providers = @("OAlerts","PowerShellCore/Operational","Microsoft-Windows-WMI-Activity/Operational","Microsoft-Windows-WLAN-AutoConfig/Operational","Microsoft-Windows-Wired-AutoConfig/Operational","Microsoft-Windows-WinRM/Operational","Microsoft-Windows-Winlogon/Operational","Microsoft-Windows-WinINet-Config/ProxyConfigChanged","Microsoft-Windows-WindowsUpdateClient/Operational","Microsoft-Windows-WindowsSystemAssessmentTool/Operational","Microsoft-Windows-Windows Firewall With Advanced Security/Firewall","Microsoft-Windows-Windows Defender/Operational","Microsoft-Windows-WFP/Operational","Microsoft-Windows-WebAuthN/Operational","Microsoft-Windows-W

#!/usr/bin/env python
"""
Extract malware from Contagio Zip files, determining the password
automatically.
Note that the password for each zip file consists of a common base password
along with the last character of the file name (prior to the .zip extension).
If you don't know the base password, please contact Mila directly.

#! /bin/sh
### BEGIN INIT INFO
# Provides: redis-server
# Required-Start: $syslog
# Required-Stop: $syslog
# Should-Start: $local_fs
# Should-Stop: $local_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: redis-server - Persistent key-value db

#!/bin/sh
DOCKER_COMPOSE_VERSION=1.3.0
# Download docker-compose to the permanent storage
echo 'Downloading docker-compose to the permanent VM storage...'
sudo mkdir -p /var/lib/boot2docker/bin
sudo curl -sL https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` -o /var/lib/boot2docker/bin/docker-compose
sudo chmod +x /var/lib/boot2docker/bin/docker-compose
sudo ln -sf /var/lib/boot2docker/bin/docker-compose /usr/local/bin/docker-compose

[version]
Signature=$chicago$
AdvancedINF=2.5
[DefaultInstall_SingleUser]
RegisterOCXs=RegisterOCXSection
[RegisterOCXSection]
C:\Users\test.PENTESTLAB\pentestlab.dll

; Reflective Loader shellcode loading a DLL
; ===============================================
; Posted on http://adelmas.com/blog/fileless_malwares.php by @ArnaudDlms
;
; Written in x86 ASM with Flat Assembler
; No junk code added so executable might be detected as malicious by AVs
; Host process must be 32-bit
;
; Inspired by the following C code by Stephen Fewer :
; https://github.com/stephenfewer/ReflectiveDLLInjection/blob/master/dll/src/ReflectiveLoader.c

# -*- mode: ruby -*-
# vi: set ft=ruby :
# Vagrantfile API/syntax version. Don't touch unless you know what you're doing!
VAGRANTFILE_API_VERSION = "2"
$script = <<SCRIPT
echo "-------------------- updating package lists"
apt-get update