I hereby claim:
- I am rasta-mouse on github.
- I am rasta_mouse (https://keybase.io/rasta_mouse) on keybase.
- I have a public key ASDdfXATXOdgG0AVemBJUOTM1rTjZmEa8gDu07AhfFx4qwo
To claim this, I am signing this object:
Rasta Mouse rasta-mouse
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM ubuntu:22.04 | |
| ENV DEBIAN_FRONTEND=noninteractive | |
| # system dependencies | |
| RUN apt-get update && apt-get install -y \ | |
| curl wget gnupg2 software-properties-common apt-transport-https \ | |
| git unzip build-essential clang lldb lld \ | |
| nasm yasm \ | |
| libssl-dev libcurl4-openssl-dev libelf-dev \ |
rasta-mouse
/ NtCreateUserProcess.cs
Created
December 20, 2022 22:19
Attempt at NtCreateUserProcess in C# (not working)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Diagnostics; | |
| using System.Runtime.InteropServices; | |
| namespace CreateProcess; | |
| internal static class Program | |
| { | |
| public static void Main(string[] args) | |
| { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using dnlib.DotNet; | |
| using dnlib.DotNet.Emit; | |
| using System; | |
| using System.IO; | |
| using System.Linq; | |
| using System.Reflection; | |
| namespace ConsoleApp1 | |
| { |
rasta-mouse
/ PPID Spoof & BlockDLLs
Last active
April 1, 2025 22:39
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Diagnostics; | |
| using System.Runtime.InteropServices; | |
| namespace BlockDllTest | |
| { | |
| class Program | |
| { | |
| static void Main(string[] args) | |
| { |
rasta-mouse
/ amsi-test-sample
Created
February 21, 2019 18:55
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Invoke-Expression 'AMSI Test Sample: 7e72c3ce-861b-4339-8740-0ac1484c1386' |
rasta-mouse
/ O365 DNS
Last active
July 10, 2018 14:52
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Exchange Online | |
| Type Priority Host name Points to address or value TTL | |
| MX 0 @ <domain>-<tld>.mail.protection.outlook.com 1 Hour | |
| TXT - @ v=spf1 include:spf.protection.outlook.com -all 1 Hour | |
| CNAME - autodiscover autodiscover.outlook.com 1 Hour | |
| ------------------ | |
| Skype for Business |
rasta-mouse
/ _.buildsteps.txt
Created
May 11, 2018 19:58
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1. C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe /target:library C:\Tools\shellcodeLauncher.cs | |
| 2. DotNetToJScript.exe --lang=JScript --ver=v4 -c ShellCodeLauncher.Program C:\Tools\shellcodeLauncher.dll |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Find-DomainLocalGroupMember -GroupName Administrators | Select-Object ComputerName, MemberName | Export-Csv -NoTypeInformation -Path local-admins.csv | |
| Get-DomainGPO | % { Get-DomainObjectAcl -Identity $_.name -ResolveGUIDs } |
rasta-mouse
/ Windows Evals
Created
January 11, 2018 13:27
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Windows Server 2016 | |
| http://care.dlservice.microsoft.com/dl/download/1/4/9/149D5452-9B29-4274-B6B3-5361DBDA30BC/14393.0.161119-1705.RS1_REFRESH_SERVER_EVAL_X64FRE_EN-US.ISO | |
| Windows Server 2012 R2 | |
| http://care.dlservice.microsoft.com/dl/download/6/2/A/62A76ABB-9990-4EFC-A4FE-C7D698DAEB96/9600.17050.WINBLUE_REFRESH.140317-1640_X64FRE_SERVER_EVAL_EN-US-IR3_SSS_X64FREE_EN-US_DV9.ISO | |
| Windows 10 LTSB | |
| http://care.dlservice.microsoft.com/dl/download/C/C/9/CC961888-75C0-479B-B21A-A0CC81978111/14393.0.160715-1616.RS1_RELEASE_CLIENTENTERPRISE_S_EVAL_X64FRE_EN-GB.ISO |
rasta-mouse
/ keybase.md
Created
April 11, 2017 19:39
NewerOlder