This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# !/bin/bash | |
# Put here all the repos you want to back up | |
declare -a repositories=("repo_name") | |
# Path to repos | |
repo_path=/volume1/git/ | |
for repo in "${repositories[@]}"; do | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# DON'T USE THIS VERSION! | |
# Try https://gist.github.com/wdormann/89ed779933fe205fb52ecf3eacf5ff40 instead | |
import os | |
import subprocess | |
# See: https://blogs.msmvps.com/erikr/2007/09/26/set-permissions-on-a-specific-service-windows/ | |
svcinfo = {} | |
FNULL = open(os.devnull, 'w') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
sub cloud_moomin { | |
set resp.http.moomin00 = " %1b[38;5;237m▄%1b[38;5;235m▄%1b[49m"; | |
set resp.http.moomin01 = " %1b[38;5;237m▄%1b[48;5;237m%1b[38;5;249m▄%1b[38;5;236m▄%1b[49m %1b[48;5;239m%1b[38;5;16m▄%1b[48;5;237m%1b[38;5;253m▄%1b[38;5;247m▄%1b[48;5;234m%1b[38;5;16m▄%1b[49m"; | |
set resp.http.moomin02 = " %1b[38;5;233m▄%1b[48;5;253m%1b[38;5;237m▄%1b[48;5;254m%1b[38;5;255m▄%1b[38;5;251m▄%1b[38;5;239m%1b[49m▄ %1b[38;5;237m▄ %1b[48;5;254m%1b[38;5;248m▄%1b[48;5;249m%1b[38;5;254m▄%1b[48;5;235m%1b[38;5;246m▄%1b[49m"; | |
set resp.http.moomin03 = " %1b[38;5;235m▄%1b[48;5;250m%1b[38;5;242m▄%1b[48;5;231m %1b[48;5;247m%1b[38;5;231m▄%1b[48;5;252m▄%1b[48;5;253m▄%1b[48;5;254m▄%1b[48;5;253m▄%1b[48;5;249m▄%1b[48;5;188m▄%1b[48;5;245m%1b[38;5;251m▄%1b[49m"; | |
set resp.http.moomin04 = " |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Mozilla User Preferences | |
// To change a preference value, you can either: | |
// - modify it via the UI (e.g. via about:config in the browser); or | |
// - set it within a user.js file in your profile (create it if it doesn't exist). | |
// | |
// Profile folder location on different systems: | |
// Windows: C:\Users\<username>\AppData\Roaming\Mozilla\Firefox\Profiles\xxxxxxxx.default | |
// Mac OS X: Users/<username>/Library/Application Support/Firefox/Profiles/xxxxxxxx.default | |
// Linux: /home/<username>/.mozilla/firefox/xxxxxxxx.default |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
//php gd-gif.php image.gif gd-image.gif | |
$gif = imagecreatefromgif($argv[1]); | |
imagegif($gif, $argv[2]); | |
imagedestroy($gif); | |
?> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import sys | |
import requests | |
import threading | |
import HTMLParser | |
from BaseHTTPServer import HTTPServer, BaseHTTPRequestHandler | |
''' | |
Description: Reverse MSSQL shell through xp_cmdshell + certutil for exfiltration | |
Author: @xassiz | |
''' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This idea originated from this blog post on Invoke DSC Resources directly: | |
# https://blogs.msdn.microsoft.com/powershell/2015/02/27/invoking-powershell-dsc-resources-directly/ | |
<# | |
$MOFContents = @' | |
instance of MSFT_ScriptResource as $MSFT_ScriptResource1ref | |
{ | |
ResourceID = "[Script]ScriptExample"; | |
GetScript = "\"$(Get-Date): I am being GET\" | Out-File C:\\Windows\\Temp\\ScriptRun.txt -Append; return $True"; | |
TestScript = "\"$(Get-Date): I am being TESTED\" | Out-File C:\\Windows\\Temp\\ScriptRun.txt -Append; return $True"; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Windows Registry Editor Version 5.00 | |
[HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam.1.00] | |
@="AtomicRedTeam" | |
[HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam.1.00\CLSID] | |
@="{00000001-0000-0000-0000-0000FEEDACDC}" | |
[HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam] | |
@="AtomicRedTeam" | |
[HKEY_CURRENT_USER\SOFTWARE\Classes\AtomicRedTeam\CLSID] | |
@="{00000001-0000-0000-0000-0000FEEDACDC}" | |
[HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{00000001-0000-0000-0000-0000FEEDACDC}] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Windows Registry Editor Version 5.00 | |
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy] | |
"Disabled"=dword:00000001 | |
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager] | |
"SubscribedContent-338388Enabled"=dword:00000000 | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
# DiabloHorn https://diablohorn.com | |
# blank out bytes taking into account the PE file format | |
# input file: base64 malware.exe | rev > enc.txt | |
import sys | |
import os | |
#pip install pefile | |
import pefile | |
import argparse | |
import logging |
NewerOlder