Skip to content

Instantly share code, notes, and snippets.

View iomoath's full-sized avatar

C99 iomoath

View GitHub Profile
@alfarom256
alfarom256 / lel.cpp
Last active June 1, 2023 17:49
dump lsass but in a weird way you probably shouldn't do in prod with a vulnerable driver
#include <Windows.h>
#include <winternl.h>
#include <stdio.h>
#include <DbgHelp.h>
#include "LenovoMemoryMgr.h"
#pragma comment(lib, "dbghelp")
typedef NTSTATUS(WINAPI* pNtQueryVirtualMemory)(HANDLE, PVOID, DWORD, PVOID, SIZE_T, PSIZE_T);
@vinhjaxt
vinhjaxt / Windows server officials ISO file.md
Created May 14, 2022 19:15
Windows server officials ISO file
@DartPower
DartPower / ms-office-dl-links
Last active December 8, 2025 02:28
MS Office Download Links
@jhawkwind
jhawkwind / BuildAStaticTor-CentOS8.sh
Last active July 11, 2022 23:44
This is to build a static TOR instance on CentOS 8
#!/bin/bash
PREFIX="/opt"
BUILD_DIR=~/build
LLVM_VERSION="10.0.0"
LLVM_FILE="llvmorg-${LLVM_VERSION}"
LLVM_DIR="llvm-project-${LLVM_FILE}"
OPENSSL_VERSION="1_1_1g"
OPENSSL_FILE="OpenSSL_${OPENSSL_VERSION}"
OPENSSL_DIR="openssl-OpenSSL_${OPENSSL_VERSION}"
@AetherEternity
AetherEternity / user.js
Last active December 13, 2024 10:55
Silent firefox
// Mozilla User Preferences
// To change a preference value, you can either:
// - modify it via the UI (e.g. via about:config in the browser); or
// - set it within a user.js file in your profile (create it if it doesn't exist).
//
// Profile folder location on different systems:
// Windows: C:\Users\<username>\AppData\Roaming\Mozilla\Firefox\Profiles\xxxxxxxx.default
// Mac OS X: Users/<username>/Library/Application Support/Firefox/Profiles/xxxxxxxx.default
// Linux: /home/<username>/.mozilla/firefox/xxxxxxxx.default
@netbiosX
netbiosX / ImageFileExecutionOptions.ps1
Last active June 14, 2024 09:22
Image File Execution Options Injection - Persistence Technique
<#
ImageFileExecutionOptions v1.0
License: GPLv3
Author: @netbiosX
#>
# Image File Execution Options Injection Persistence Technique
# https://pentestlab.blog/2020/01/13/persistence-image-file-execution-options-injection/
function Persist-Debugger
@pishangujeniya
pishangujeniya / mail-exchange-2019.md
Last active June 18, 2024 13:34
Configuring and installing Mail Exchange 2019
@TarlogicSecurity
TarlogicSecurity / kerberos_attacks_cheatsheet.md
Created May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

@Neo23x0
Neo23x0 / iddqd.yar
Last active August 1, 2024 09:08
IDDQD - Godmode YARA Rule
/*
WARNING:
the newest version of this rule is now hosted here:
https://github.com/Neo23x0/god-mode-rules/blob/master/godmode.yar
*/
/*
_____ __ __ ___ __
@mgeeky
mgeeky / vba-windows-persistence.vbs
Last active September 4, 2021 04:38
VBA Script implementing two windows persistence methods - via WMI EventFilter object and via simple Registry Run.
'
' SYNOPSIS:
' This macro implements two windows persistence methods:
' - WMI Event Filter object creation
' - simple HKCU Registry Run value insertion. It has to be HKCU to make it work under Win10 x64
'
' WMI Persistence method as originally presented by SEADADDY malware
' (https://github.com/pan-unit42/iocs/blob/master/seaduke/decompiled.py#L887)
' and further documented by Matt Graeber.
'