
#!/usr/bin/env python3
"""
MCP Scanner
Author: Thomas Roccia | @fr0gger_
Packages to install:
- requests
- httpx
- mcp
"""
// author: daax
// 0x4a65 = 19045 (windows version)
int main()
{
PSAPI_WORKING_SET_INFORMATION* w = ( PSAPI_WORKING_SET_INFORMATION* ) malloc( 1 << 20 );
QueryWorkingSet( GetCurrentProcess(), w, 1 << 20 );
for ( u32 i = 0; i < w->NumberOfEntries; i++ )
if ( ( w->WorkingSetInfo[ i ].Flags & 31 ) == 4 )
for ( u8* p = ( u8* ) ( ( w->WorkingSetInfo[ i ].Flags >> 12 ) << 12 ),
gavz / decrypt.py
Created April 12, 2025 22:03 — forked from garrettfoster13/decrypt.py
decrypting PDQ creds
import hashlib
import struct
import argparse
from Crypto.Cipher import AES #pip install pycryptodome
def decrypt(blob, key):
"""Decrypt PDQ credential blobs"""
#Format for the blob is [header][ivlen][iv][encdata]
#Example blob: 28656e63727970746564290010644d18eb7817dad6de5f531b1b0b60113087662f3cf0ffdaa7760418c15ee6ea
#Example blob: [28656e637279707465642900][10][644d18eb7817dad6de5f531b1b0b6011][3087662f3cf0ffdaa7760418c15ee6ea]
gavz / expmod.cpp
Created April 1, 2025 21:36 — forked from daaximus/expmod.cpp
A simple utility for modifying/adding exports to a PE file
#include <windows.h>
#include <iostream>
#include <fstream>
#include <string>
#include <vector>
#include <ctime>
#include <memory>
#include <optional>
#include <random>
#include <string_view>
gavz / extract-uimage.sh
Created March 28, 2025 22:22 — forked from adamvr/extract-uimage.sh
Script for extracting a uimage
#!/bin/sh
#
# Copyright (C) 2010 Matthias Buecher (http://www.maddes.net/)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
# http://www.gnu.org/licenses/gpl-2.0.txt

Operational PGP

This is a guide on how to email securely.

There are many guides on how to install and use PGP to encrypt email. This is not one of them. This is a guide on secure communication using email with PGP encryption. If you are not familiar with PGP, please read another guide first. If you are comfortable using PGP to encrypt and decrypt emails, this guide will raise your security to the next level.

gavz / ws.cpp
Created March 17, 2025 22:06 — forked from AndreyBazhan/ws.cpp
Process Explorer: Process Properties->Performance tab performance issue
#include <Windows.h>
#include <psapi.h>
int main()
{
HANDLE ProcessHandle;
ULONG Processes[4096];
ULONG DataSize;
ULONG NumberOfProcesses;
gavz / netdumper.py
Created March 7, 2025 23:37 — forked from ThePirateWhoSmellsOfSunflowers/netdumper.py
This script performs a netsync attack. No SMB involved.
from impacket.dcerpc.v5 import epm, rpcrt, transport, nrpc, samr
from impacket.uuid import bin_to_uuidtup
from impacket.crypto import SamDecryptNTLMHash
from binascii import unhexlify, hexlify
from random import randbytes
import sys
import argparse
# This script performs a netsync attack. No SMB involved.
# My first idea was to only use netlogon SSP, however SAMR seems not compatible
gavz / CMakeLists.txt
Created March 7, 2025 23:20 — forked from MEhrn00/CMakeLists.txt
Building Stardust with CMake
cmake_minimum_required(VERSION 3.24)
project(Stardust
LANGUAGES CXX
)
# Build option for generating the final shellcode.bin file
option(STARDUST_BUILD_SHELLCODE "Build the final shellcode.bin file" OFF)
# Add nasm for the Stardust.asm source if building shellcode
if(${STARDUST_BUILD_SHELLCODE})
gavz / PE-Inspect-PortableExecutable-Namespace.ps1
Last active March 4, 2025 23:52 — forked from Dump-GUY/PE-Inspect-PortableExecutable-Namespace.ps1
PowerShell (pwsh): PE-Inspect-PortableExecutable-Namespace
function Expand-Properties($Object, $Depth = 5, $Indent = 0) {
    # Recursively prints the properties of $Object to the host.
    #   $Object - the object whose properties are listed.
    #   $Depth  - remaining recursion levels; nothing is printed once it reaches 0.
    #   $Indent - multiplier applied to the prefix string placed before each name.
    # Property names are written in green and leaf values in blue.
    if ($Depth -le 0 -or $null -eq $Object) {
        return
    }

    $prefix = " " * $Indent
    # Every nested level gets one less level of depth and four more units of indent.
    $childDepth = $Depth - 1
    $childIndent = $Indent + 4

    $Object | Get-Member -MemberType Property | ForEach-Object {
        $pValue = $Object.$($_.Name)
        $label = "$prefix$($_.Name): "

        if ($pValue -is [Enum]) {
            # Enum values are printed inline, on the same line as the name.
            Write-Host $label -ForegroundColor Green -NoNewline
            Write-Host "$pValue" -ForegroundColor Blue
        }
        elseif ($null -eq $pValue) {
            # Checked before any branch that calls a method on the value.
            Write-Host $label -ForegroundColor Green -NoNewline
            Write-Host "(null)" -ForegroundColor Blue
        }
        elseif ($pValue -is [Collections.IEnumerable] -and $pValue -isnot [string]) {
            # Collections: name on its own line, then each element expanded.
            # Strings are enumerable too, so they are excluded explicitly.
            Write-Host $label -ForegroundColor Green
            $pValue | ForEach-Object { Expand-Properties $_ $childDepth $childIndent }
        }
        elseif ($pValue -is [PSObject] -or $pValue.GetType().Namespace -match "^System.Reflection") {
            # Nested objects: name on its own line, then the object's own properties.
            Write-Host $label -ForegroundColor Green
            Expand-Properties $pValue $childDepth $childIndent
        }
        else {
            # Everything else is treated as a leaf and printed via string conversion.
            Write-Host $label -ForegroundColor Green -NoNewline
            Write-Host "$pValue" -ForegroundColor Blue
        }
    }
}
Expand-Properties ([Reflection.PortableExecutable.PEReader]::new([IO.File]::OpenRead([IO.Path]::G