Pinned Repositories
SilentHound
Quietly enumerate an Active Directory Domain via LDAP, parsing users, admins, groups, etc.
Avengers-Blog-Writeup
This is a writeup for the Avengers Blog room in TryHackMe. This is a beginner room and the writeup does not display any flags, just how to get to them.
CVE-2023-38646
CVE-2023-38646 Unauthenticated RCE vulnerability in Metabase
D-Link-NAS-Devices-Unauthenticated-RCE
UNTESTED exploit script for CVE-2024-3272 + CVE-2024-3273. The script exploits a backdoor authentication bypass + arbitrary command injection vulnerability.
Exmatter
A mock of the Exmatter data exfiltration tool for Adversary Emulation. Built in .NET Framework. Intended to be used with 'execute-assembly'.
MagicFights
POC for hiding shellcode data inside valid MP4 files on disk.
MagicFightsLoaderC
A POC shellcode loader that searches for shellcode hidden in MP4 files.
ProcessHollowEncrypted
A .NET assembly that pulls AES-encrypted shellcode from Sliver C2
rust-aes-loader
A Rust shellcode loader for Sliver
Stealerium
FORK Stealer + Clipper + Keylogger
nickswink's Repositories
nickswink/MagicFightsLoaderC
A POC shellcode loader that searches for shellcode hidden in MP4 files.
nickswink/CVE-2023-38646
CVE-2023-38646 Unauthenticated RCE vulnerability in Metabase
nickswink/ProcessHollowEncrypted
A .NET assembly that pulls AES-encrypted shellcode from Sliver C2
nickswink/Stealerium
FORK Stealer + Clipper + Keylogger
nickswink/D-Link-NAS-Devices-Unauthenticated-RCE
UNTESTED exploit script for CVE-2024-3272 + CVE-2024-3273. The script exploits a backdoor authentication bypass + arbitrary command injection vulnerability.
nickswink/Exmatter
A mock of the Exmatter data exfiltration tool for Adversary Emulation. Built in .NET Framework. Intended to be used with 'execute-assembly'.
nickswink/MagicFights
POC for hiding shellcode data inside valid MP4 files on disk.
nickswink/rust-aes-loader
A Rust shellcode loader for Sliver
nickswink/Avengers-Blog-Writeup
This is a writeup for the Avengers Blog room in TryHackMe. This is a beginner room and the writeup does not display any flags, just how to get to them.
nickswink/Bob-1.0.1-Walkthrough
nickswink/Covid-19-Tracker
Covid-19 tracker using this API: https://covid19.mathdro.id/api
nickswink/Dogcat-Writeup
A writeup for the dogcat room on TryHackMe.
nickswink/Elevate-System-Trusted-BOF
nickswink/CVE-2021-32682
elFinder Commands Injection (CVE-2021-32682)
nickswink/ExportDumper
A small tool I made to dump the export table of PE files. The primary use case was intended for use within DLL proxying.
nickswink/Flask-SocketIO-Demo
Flask-SocketIO Demo
nickswink/jargon
nickswink/mc-payload-mod
A proof-of-concept Minecraft mod that executes a command on the host system.
nickswink/Newegg-web-scraper-API
An API to scrape a few pieces of data from Amazon product pages for Christmas List React App
nickswink/nickswink
Config files for my GitHub profile.
nickswink/Ninja_UUID_Runner
Module Stomping, No New Thread, HellsGate syscaller, UUID Shellcode Runner for x64 Windows 10!
nickswink/Previse-notes-walkthrough
nickswink/proxyshell-poc
nickswink/Simple-BOF-guide
nickswink/sRDI
Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode
nickswink/Stardust
A modern 64-bit position independent implant template
nickswink/SysWhispers
AV/EDR evasion via direct system calls.
nickswink/UAC-BOF-Bonanza
Collection of UAC Bypass Techniques Weaponized as BOFs
nickswink/YaraChecker
Quick script that runs through Yara rules from a directory