They should work. Works for all cores of your host system. Also you can download ESXi from here.
We can do this by experimenting with .config files.
Many defenders catch renamed files by matching a binary's Original Filename against its Process Name.
In this example, we don't have to rename anything. We simply coerce a trusted signed app to load our Assembly.
We do this by directing the application to read a config file we provide.
<#
DynWin32-ReverseShell.ps1 is a reverse shell based on dynamically looked up Win32 API calls.
The script uses reflection to obtain access to GetModuleHandle, GetProcAddress and CreateProcess.
Afterwards it uses GetModuleHandle and GetProcAddress to resolve the required WSA functions
from ws2_32.dll.
This script should be used for educational purposes only (and maybe while playing CTF :D).
It was only tested on Windows 10 (x64) and is probably not stable or portable. Its only
purpose is to demonstrate the usage of reflective lookups of Win32 API calls. See it as
function New-TestData {
    [CmdletBinding()]
    param (
        [Parameter(Mandatory)]
        [ValidateScript({Test-Path $_})]
        [String]$RootFolder,
        # How many subfolders should be created
        [Parameter(Mandatory=$false)]
        [int]
function Get-InactiveUsers {
    [CmdletBinding()]
    param (
        # Distinguished Names of search bases
        [Parameter(Mandatory=$true)]
        [String[]]
        $DistinguishedName,
        # Parameter help description
        [Parameter(Mandatory=$false)]
@echo off
REM °²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²°
REM °² Enumerates all files extensions ²°
REM °² and what opens them on Windows 10/11 in batch/cmd ²°
REM °² twitter: @ollieatnowhere ²°
REM °²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²²°
REM ------------------------------------------------------
REM
from __future__ import print_function
import pickle
import os.path
from googleapiclient.discovery import build
from google_auth_oauthlib.flow import InstalledAppFlow
from google.auth.transport.requests import Request
from apiclient import errors
import re
from bs4 import BeautifulSoup as Soup
$Domain = [AppDomain]::CurrentDomain
$DynAssembly = New-Object System.Reflection.AssemblyName('TempAssembly')
$AssemblyBuilder = $Domain.DefineDynamicAssembly($DynAssembly, [Reflection.Emit.AssemblyBuilderAccess]::Run)
$ModuleBuilder = $AssemblyBuilder.DefineDynamicModule('TempModule')
# Create a stub module that the in-memory module (i.e. this mimics the loading of a netmodule at runtime) will be loaded into.
$ModuleBuilder2 = $AssemblyBuilder.DefineDynamicModule('hello.dll')
$TypeBuilder = $ModuleBuilder.DefineType('TempClass', [Reflection.TypeAttributes]::Public)
$TypeBuilder.CreateType()
$HelloDllBytes = [Convert]::FromBase64String('TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1vZGUuDQ0KJAAAAAAAAABQRQAATAEDAJNPvloAAAAAAAAAAOAAAiELAQsAAAQAAAAGAAAAAAAAPiMAAAAgAAAAQAAAAAAAEAAgAAAAAgAABAAAAAAAAAAEAAAAAAAAAACAAAAAAgAAAAAAAAMAQIUAABAAABAAAAAAEAAAEAAAAAAAABAAAAAAAAAAAAAAAOQiAABXAAAAAEAAAJgCAAAAAAAAAAAAAAAAAAA
param(
    [string]$pattern = "*.*",
    [ValidateSet("md5", "sha1", "sha256", "sha384", "sha512")]$algorithm = "sha1",
    [switch]$recurse
)
[Reflection.Assembly]::LoadWithPartialName("System.Security") | out-null
if ($algorithm -eq "sha1") {
    $hashimpl = new-Object System.Security.Cryptography.SHA1Managed