Misc
To File:
RawCap.exe 127.0.0.1 localhost_capture.pcap
To Wireshark:
RawCap.exe -q 127.0.0.1 - | "C:\Program Files\Wireshark\Wireshark.exe" -i - -k
- confuserexstringdecryptor
- confuserexswitchkiller
pip freeze --user | cut -d'=' -f1 | xargs -n1 pip install -U
sudo lsof -i -P -n | grep LISTEN
docker rm -vf $(docker ps -a -q)
docker rmi -f $(docker images -a -q)
cat file.json | jq -c '.[]' > converted.json
Connect to a benign domain where you know it will be served by a big CDN (SNI is set to this domain). Change the host header to your malicious site which is hosted on the same CDN.
[Reflection.Assembly]::LoadWithPartialName("System.Drawing")
function screenshot([Drawing.Rectangle]$bounds, $path) {
$bmp = New-Object Drawing.Bitmap $bounds.width, $bounds.height
$graphics = [Drawing.Graphics]::FromImage($bmp)
$graphics.CopyFromScreen($bounds.Location, [Drawing.Point]::Empty, $bounds.size)
$bmp.Save($path)
$graphics.Dispose()
$bmp.Dispose()
}
$bounds = [Drawing.Rectangle]::FromLTRB(0, 0, 1920, 1080)
screenshot $bounds "C:\programdata\screenshot.png"
This short snippet will print the request headers & allow graceful shutdown.
#!/usr/bin/env python3
import http.server as SimpleHTTPServer
import socketserver as SocketServer
class StoppableHTTPServer(SimpleHTTPServer.HTTPServer):
def run(self):
try:
self.serve_forever()
except KeyboardInterrupt:
pass
finally:
self.server_close()
class GetHandler(SimpleHTTPServer.SimpleHTTPRequestHandler):
def do_GET(self):
print(self.headers)
SimpleHTTPServer.SimpleHTTPRequestHandler.do_GET(self)
server = StoppableHTTPServer(("", 80), GetHandler)
server.run()
netstat -na -f inet
Last modified 6mo ago