Skip to content

Instantly share code, notes, and snippets.

ropnop / go-sharp-loader.go
Created Aug 5, 2020
Example Go file embedding multiple .NET executables
View go-sharp-loader.go
package main
Example Go program with multiple .NET Binaries embedded
This requires packr ( and the utility. Install with:
$ go get -u
Place all your EXEs are in a "binaries" folder
function dockershell() {
docker run --rm -i -t --entrypoint=/bin/bash "$@"
function dockershellsh() {
docker run --rm -i -t --entrypoint=/bin/sh "$@"
function dockershellhere() {
ropnop / Dockerfile
Created Jul 18, 2019
webdav dockerfile
View Dockerfile
FROM python:alpine
RUN pip install wsgidav cheroot
RUN mkdir -p /webdav/share && mkdir -p /srv/data/share
COPY /webdav/
WORKDIR /webdav/
ENTRYPOINT "/webdav/"
ropnop / Dockerfile
Created Jul 18, 2019
Nginx server Dockerfile
View Dockerfile
FROM nginx:stable
RUN apt-get update && apt-get install -y openssl
RUN mkdir -p /etc/nginx/ssl && mkdir -p /srv/data
COPY default.conf /etc/nginx/conf.d/
ropnop / Dockerfile
Created Jul 18, 2019
Impacket Dockerfile
View Dockerfile
FROM python:2.7-alpine
RUN apk --update --no-cache add \
zlib-dev \
musl-dev \
libc-dev \
gcc \
libffi-dev \
openssl-dev && \
rm -rf /var/cache/apk/*
RUN mkdir -p /opt/impacket
ropnop / Dockerfile
Created Jul 18, 2019
centos5 devel dockerfile
View Dockerfile
ARG CENTOSIMAGE=astj/centos5-vault
RUN yum install -y perl curl wget gcc c++ make glibc-devel glibc-devel.i386
ropnop / cors_poc_test.html
Last active Nov 14, 2018
Quick tester for CORS misconfigurations
View cors_poc_test.html
<script src=""></script>
<h1>CORS Test PoC</h1>
<label for="target_url">Endpoint to test: </label><input type="url" id="target_url" size=100 placeholder="Target URL"><br/>
<input type="checkbox" id="with_creds_checkbox" value="with_creds"><label for="with_creds_checkbox">With Credentials?</label><br/>
<input type="submit" id="submit_btn" value="Make Request">
<p>If the site is vulnerable to an overly permissive CORS policy, the response of the above request will appear in the box below</p>
<div id="test_data" style="border:1px solid darkred; color: red">
ropnop /
Created Jan 9, 2018
A Python script for SANS Holiday Hack 2017
#!/usr/bin/env python2
# load the infraction json data
import json
with open('infractions.json', 'r') as fp:
data = json.loads(
infractions = data['infractions']
# get all the names and generate the naughty list from the CSV
names = []
ropnop / startTerminator.vbs
Created Sep 29, 2017
VBS Script to Launch Terminator through WSL
View startTerminator.vbs
args = "-c" & " -l " & """DISPLAY=:0 terminator"""
WScript.CreateObject("Shell.Application").ShellExecute "bash", args, "", "open", 0
ropnop /
Last active Dec 4, 2021
Python script using Impacket to enumerate local administrators over SAMR
#!/usr/bin/env python
# Title:
# Author: @ropnop
# Description: Python script using Impacket to query members of the builtin Administrators group through SAMR
# Similar in function to Get-NetLocalGroup from Powerview
# Won't work against Windows 10 Anniversary Edition unless you already have local admin
# See:
# Heavily based on original Impacket example scripts written by @agsolino and available here: