Skip to content

Instantly share code, notes, and snippets.

View thesubtlety's full-sized avatar

Noah thesubtlety

43 followers · 51 following
View GitHub Profile
@thesubtlety
thesubtlety / sans-sec660-recommended-reading.md
Created January 5, 2019 00:08
SANS SEC660 GXPN Recommended Reading
@thesubtlety
thesubtlety / gist:5d30bc04f087807d817cf4479a481c23
Last active March 7, 2024 20:58
Download compile and encrypt the latest mimikatz
#requires -version 2
<#
Author: Noah
@subTee's reflexive loader
Required Dependencies: msbuild, csc
Execute: Run-UpdateKatz -Verbose
@thesubtlety
thesubtlety / golang-windows-dll.go
Created February 5, 2020 05:18
Calling Windows DLLs from Go
package main
import (
"fmt"
"syscall"
"unicode/utf16"
"unsafe"
)
//https://github.com/golang/go/wiki/WindowsDLLs
@thesubtlety
thesubtlety / jxarun.swift
Last active September 10, 2023 19:25
Run jxa from file http stdin
// adapted from cedowns jxa-runner
import Foundation
import Cocoa
import OSAKit
//Usage:
// for hosted .js JXA payloads: ./JXARunner -u [url_to_jxa_payload]
// for local .js JXA payloads: ./JXARunner -f [path_to_jxa_payload]
// echo 'jxacode' | ./runner -s
@thesubtlety
thesubtlety / dllmain.cpp
Last active June 24, 2023 21:57
Basic dll to execute commands
// Configuration Type: DLL
// Runtime Library: /MT
// Use of MFC: Use MFC in Static Library
// Architecture must match target _process_
// dllmain.cpp : Defines the entry point for the DLL application.
#include "stdafx.h"
#include <windows.h>
#include <sstream>
@thesubtlety
thesubtlety / coalmine2.py
Created May 19, 2023 13:43 — forked from HackingLZ/coalmine2.py
coalmine2.py
#!/usr/bin/python3
import re
import zipfile
import argparse
from urllib.parse import urlparse
from colorama import Fore, Style, init
init()
@thesubtlety
thesubtlety / getgo.sh
Created January 5, 2023 20:15
Install go to home dir on debian
#!/bin/bash
# Install golang to home dir
GOPATH="$HOME/go"
GOUTIL="$HOME/.go"
LATEST="$(curl -s https://go.dev/VERSION?m=text)"
DL_PKG="$LATEST.linux-amd64.tar.gz"
DL_URL="https://go.dev/dl/$DL_PKG"
wget "$DL_URL" -P "$GOUTIL"
rm -rf "$GOPATH" && tar -C $HOME -xzf "$GOUTIL/$DL_PKG"
export PATH=$PATH:$HOME/go/bin
@thesubtlety
thesubtlety / template.sh
Created November 18, 2022 23:43
shell script template
#!/usr/bin/env bash
# https://sharats.me/posts/shell-script-best-practices/
set -o errexit
set -o nounset
set -o pipefail
if [[ "${TRACE-0}" == "1" ]]; then
set -o xtrace
fi
@thesubtlety
thesubtlety / parse-shodan-vuln-data.py
Last active October 1, 2022 10:17
Parse Shodan data file and extract CVE details by host, writing to CSV file
#!/usr/bin/env python3
import os
import re
import sys
import json
import gzip
import csv
import datetime
import shodan
@thesubtlety
thesubtlety / jxarunner.m
Created September 30, 2022 18:15
Obj JXA runner
#import <Foundation/Foundation.h>
#import <Appkit/AppKit.h>
#import <CoreFoundation/CoreFoundation.h>
#import <OSAKit/OSAKit.h>
#import <Cocoa/Cocoa.h>
#import <OSAKit/OSALanguage.h>
#import <Foundation/NSString.h>
#include <string.h>
//jxarunner file.js