thesubtlety / golang-windows-dll.go
Created February 5, 2020 05:18
Calling Windows DLLs from Go
package main
import (
"fmt"
"syscall"
"unicode/utf16"
"unsafe"
)
//https://github.com/golang/go/wiki/WindowsDLLs
thesubtlety / gist:5d30bc04f087807d817cf4479a481c23
Last active March 7, 2024 20:58
Download compile and encrypt the latest mimikatz
#requires -version 2
<#
Author: Noah
@subTee's reflexive loader
Required Dependencies: msbuild, csc
Execute: Run-UpdateKatz -Verbose
thesubtlety / dllmain.cpp
Last active June 24, 2023 21:57
Basic dll to execute commands
// Configuration Type: DLL
// Runtime Library: /MT
// Use of MFC: Use MFC in Static Library
// Architecture must match target _process_
// dllmain.cpp : Defines the entry point for the DLL application.
#include "stdafx.h"
#include <windows.h>
#include <sstream>
thesubtlety / parse-shodan-vuln-data.py
Last active October 1, 2022 10:17
Parse Shodan data file and extract CVE details by host, writing to CSV file
#!/usr/bin/env python3
import os
import re
import sys
import json
import gzip
import csv
import datetime
import shodan
thesubtlety / bulkip-shodan-scanner.py
Created December 11, 2019 00:24
Submit IPs/CIDRs to Shodan for scanning and download results
#!/usr/bin/env python3
import os
import sys
import time
import shodan
import netaddr
import ipaddress
'''
thesubtlety / bulkip-shodan-download.py
Created December 10, 2019 23:58
Download host data from Shodan given a list of IPs or CIDRs
#!/usr/bin/env python3
import os
import sys
import json
import time
import random
import string
import shodan
import ipaddress
thesubtlety / local-slack-jack.py
Created October 30, 2019 16:45
Get Slack tokens from local ldb storage files
#!/usr/bin/env python
'''
Just a python re-write of a tool by akerl
https://blog.akerl.org/2018/03/15/stealing-slack-creds-from-chrome/
https://github.com/akerl/limp
# user profiles
for tok in $(python3 slack-jack.py); do echo "Trying $tok"; curl -s https://slack.com/api/users.profile.get\?token\=$tok -H'Content-Type: application/x-www-form-urlencoded' | jq ; done
thesubtlety / ip_tools.py
Last active October 15, 2019 20:40
Random utilities to work with IP hosts, ranges, CIDR ranges
import netaddr, ipaddress
def file_to_array(fname):
    """Return the non-blank lines of ``fname`` as a list of stripped strings.

    The file is opened in text mode with the platform default encoding.
    Each line has leading and trailing whitespace removed; lines that are
    empty after stripping are skipped.

    No validation is done here: entries are returned as plain strings, so
    callers must parse them (for example as addresses or CIDR ranges)
    before relying on their format.

    Args:
        fname: Path of the text file to read.

    Returns:
        A list of the stripped, non-empty lines in file order.
    """
    entries = []
    with open(fname) as handle:
        for raw_line in handle:
            cleaned = raw_line.strip()
            # Blank and whitespace-only lines carry no entry; drop them.
            if cleaned:
                entries.append(cleaned)
    return entries
def cidrs_to_hosts(input_arr):
output_arr = []
for e in input_arr:
thesubtlety / invokeInMemLinux.go
Created October 4, 2019 15:57 — forked from capnspacehook/invokeInMemLinux.go
Executes a binary or file in memory on a Linux system. Uses the memfd_create(2) syscall. Credits and idea from: https://magisterquis.github.io/2018/03/31/in-memory-only-elf-execution.html
package main
import (
"io/ioutil"
"os"
"os/exec"
"strconv"
"syscall"
thesubtlety / parse_ldif_file.py
Created April 10, 2019 23:09
Parse an ldif file extracting the userPassword field
#!/usr/bin/env python
# pip install python-ldap
import sys, ldif
def main():
if len(sys.argv) != 3:
print("Usage: %s <ldif_dump.ldif> <outfile>") % sys.argv[0]
sys.exit(-1)
ldif_file = sys.argv[1]