Skip to content

Instantly share code, notes, and snippets.

@thesubtlety
thesubtlety / natlas-docker-howto.md
Last active Aug 13, 2020
tl;dr natlas/docker install
View natlas-docker-howto.md
@thesubtlety
thesubtlety / Get-Exports.ps1
Created Feb 12, 2020
DLL Hijack with exports
View Get-Exports.ps1
function Get-Exports {
<#
.SYNOPSIS
Get-Exports, fetches DLL exports and optionally provides
C++ wrapper output (idential to ExportsToC++ but without
needing VS and a compiled binary). To do this it reads DLL
bytes into memory and then parses them (no LoadLibraryEx).
Because of this you can parse x32/x64 DLL's regardless of
the bitness of PowerShell.
@thesubtlety
thesubtlety / golang-windows-dll.go
Created Feb 5, 2020
Calling Windows DLLs from Go
View golang-windows-dll.go
package main
import (
"fmt"
"syscall"
"unicode/utf16"
"unsafe"
)
//https://github.com/golang/go/wiki/WindowsDLLs
@thesubtlety
thesubtlety / gist:5d30bc04f087807d817cf4479a481c23
Last active Sep 2, 2020
Download compile and encrypt the latest mimikatz
View gist:5d30bc04f087807d817cf4479a481c23
#requires -version 2
<#
Author: Noah
@subTee's reflexive loader
Required Dependencies: msbuild, csc
Execute: Run-UpdateKatz -Verbose
@thesubtlety
thesubtlety / dllmain.cpp
Last active Feb 15, 2020
Basic dll to execute commands
View dllmain.cpp
// Configuration Type: DLL
// Runtime Library: /MT
// Use of MFC: Use MFC in Static Library
// Architecture must match target _process_
// dllmain.cpp : Defines the entry point for the DLL application.
#include "stdafx.h"
#include <windows.h>
#include <sstream>
@thesubtlety
thesubtlety / parse-shodan-vuln-data.py
Last active Jul 21, 2020
Parse Shodan data file and extract CVE details by host, writing to CSV file
View parse-shodan-vuln-data.py
#!/usr/bin/env python3
import os
import re
import sys
import json
import gzip
import csv
import datetime
import shodan
@thesubtlety
thesubtlety / bulkip-shodan-scanner.py
Created Dec 11, 2019
Submit IPs/CIDRs to Shodan for scanning and download results
View bulkip-shodan-scanner.py
#!/usr/bin/env python3
import os
import sys
import time
import shodan
import netaddr
import ipaddress
'''
@thesubtlety
thesubtlety / bulkip-shodan-download.py
Created Dec 10, 2019
Download host data from Shodan given a list of IPs or CIDRs
View bulkip-shodan-download.py
#!/usr/bin/env python3
import os
import sys
import json
import time
import random
import string
import shodan
import ipaddress
@thesubtlety
thesubtlety / local-slack-jack.py
Created Oct 30, 2019
Get Slack tokens from local ldb storage files
View local-slack-jack.py
#!/usr/bin/env python
'''
Just a python re-write of a tool by akerl
https://blog.akerl.org/2018/03/15/stealing-slack-creds-from-chrome/
https://github.com/akerl/limp
# user profiles
for tok in $(python3 slack-jack.py); do echo "Trying $tok"; curl -s https://slack.com/api/users.profile.get\?token\=$tok -H'Content-Type: application/x-www-form-urlencoded' | jq ; done
@thesubtlety
thesubtlety / ip_tools.py
Last active Oct 15, 2019
Random utilities to work with IP hosts, ranges, CIDR ranges
View ip_tools.py
import netaddr, ipaddress
def file_to_array(fname):
with open(fname) as f:
farr = [l.strip() for l in f if l.strip()]
return farr
def cidrs_to_hosts(input_arr):
output_arr = []
for e in input_arr:
You can’t perform that action at this time.