Skip to content

Instantly share code, notes, and snippets.

View realoriginal's full-sized avatar

Austin Hudson realoriginal

View GitHub Profile
@realoriginal
realoriginal / savepe32.go
Created September 11, 2024 11:17
Adds `save_pe32` functionality to UTK so I can more easily experiment with UEFI firmware from the command line without legacy UEFItool
// Copyright 2018 the LinuxBoot Authors. All rights reserved
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package visitors
import (
"errors"
"os"
/*!
*
* ROGUE
*
* GuidePoint Security LLC
*
* Threat and Attack Simulation Team
*
!*/
@realoriginal
realoriginal / GetIp.s
Created March 15, 2024 19:04
GetIp AARCH64 for Windows on ARM.
.section .text$C
.global GetIp
GetIp:
bl _next_instruction
_next_instruction:
mov x0, lr
sub x0, x0, _next_instruction - GetIp
ret
@realoriginal
realoriginal / agent_proc_list_tab.py
Created September 15, 2023 14:32
Example elements for displaying information back to the client and right-click-opt
#!/usr/bin/env python3
# -*- coding:utf-8 -*-
import PyQt5
import qtinter
import asyncio
class AgentProcListTab( PyQt5.QtWidgets.QWidget ):
"""
Tasks the specified agent with requesting a process listing against the
specified agent and executes the rendered results.
import asyncio
import qtinter
import ipaddress
from PyQt5.QtWidgets import *
from PyQt5.QtCore import *
from PyQt5.QtGui import *
class ExportPayloadDialog( QObject ):
"""
#
# ROGUE
#
# GuidePoint Security LLC
#
# Threat and Attack Simulation Team
#
import os
import sys
import click
D_SEC( A ) NTSTATUS NTAPI Entry( _In_ PVOID Parameter )
{
PARSED_BUF Psr;
UINT32 Wrt = 0;
PARG Arg = NULL;
LPWSTR Nps = NULL;
HANDLE Pip = NULL;
@realoriginal
realoriginal / Entry.c
Created March 29, 2023 16:40
TLDR: How a socks proxy client is written to tunnel connections from a 'teamserver' to an agent.
/*!
*
* RPROXICMP
*
* GuidePoint Security LLC
*
* Threat and Attack Simulation Team
*
!*/