2XXE-SRA / netrelease.ps1
Last active May 27, 2021
Add user to LanmanServer SrvsvcSessionInfo DACL, allowing them to perform NetSessionEnum (e.g. NetSess, BloodHound)
# based on NetCease:
# can be deployed on a per-host basis using this script - e.g. via something like SCCM
# or, once deployed to one host, can be deployed via GPO Registry preferences by copying the set registry value
# (lanmanserver still needs to be restarted when done this way)
# see: -> Disable Windows Legacy & Typically Unused Features -> Disable Net Session Enumeration (NetCease)
# constants
$key = "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\DefaultSecurity"
$name = "SrvsvcSessionInfo"
from socket import *
import struct
controller = None
puppet = None
class ChatClient:
def __init__(self, server):
self._server = server
self._sock = socket(AF_INET, SOCK_STREAM, 0)
icecr4ck /
Last active Jan 27, 2022
Cheatsheet for IDAPython
netbiosX / Shellcode.cs
Created Jun 6, 2017
C# file that contains shellcode and bypasses AppLocker via Assembly Load
using System;
using System.Net;
using System.Diagnostics;
using System.Reflection;
using System.Configuration.Install;
using System.Runtime.InteropServices;
Author: Casey Smith, Twitter: @subTee
License: BSD 3-Clause
minkione /
Created May 22, 2017
Install metasploit on Debian 8
# Install Oracle Java 8
apt-get install software-properties-common
add-apt-repository "deb xenial main" && apt-get update
apt-get install oracle-java8-installer
# Installing Dependencies
apt-get update
apt-get upgrade
apt-get install build-essential libreadline-dev libssl-dev libpq5 libpq-dev libreadline5 libsqlite3-dev libpcap-dev git-core autoconf postgresql pgadmin3 curl zlib1g-dev libxml2-dev libxslt1-dev vncviewer libyaml-dev curl zlib1g-dev
worawit /
Last active Sep 6, 2021
Eternalblue exploit for Windows 7/2008
# This file has no update anymore. Please see
from impacket import smb
from struct import pack
import sys
import socket
EternalBlue exploit for Windows 7/2008 by sleepya
The exploit might FAIL and CRASH a target system (depending on what is overwritten)
phith0n /
Last active Jan 13, 2022
Fastcgi PHP-FPM Client && Code Execution
import socket
import random
import argparse
import sys
from io import BytesIO
# Referrer:
PY2 = True if sys.version_info.major == 2 else False
nrollr / nginx.conf
Last active Jan 17, 2022
NGINX config for SSL with Let's Encrypt certs
# UPDATED 17 February 2019
# Redirect all HTTP traffic to HTTPS
server {
listen 80;
listen [::]:80;
return 301 https://$host$request_uri;
# SSL configuration
import base64
from Crypto.Cipher import AES
from Crypto import Random
# pad = lambda s: s + (BS - len(s) % BS) * chr(BS - len(s) % BS)
# unpad = lambda s : s[:-ord(s[len(s)-1:])
KEY = "58897d583d888978b62469889d584472"
cecilemuller /
Last active Jan 22, 2022
How to setup Let's Encrypt for Nginx on Ubuntu 18.04 (including IPv6, HTTP/2 and A+ SSL rating)

How to setup Let's Encrypt for Nginx on Ubuntu 18.04 (including IPv6, HTTP/2 and A+ SSL rating)

Virtual hosts

Let's say you want to host domains and

Create folders for their files: