Skip to content

Instantly share code, notes, and snippets.

View Anon-Exploiter's full-sized avatar
🎯
Making Memes & writing code :)

Syed Umar Arfeen Anon-Exploiter

🎯
Making Memes & writing code :)
580 followers · 0 following
View GitHub Profile
@keyboardcrunch
keyboardcrunch / pydocexec.py
Created April 30, 2020 02:24
Injects a python script inside a word document so the doc can be executed with python :)
#!/usr/bin/python3
import sys
import os
import zipfile
import tempfile
from xml.etree import ElementTree
from shutil import copyfile
def stuffer(py_file, doc_file):
@everdark
everdark / .screenrc
Last active May 17, 2020 04:10
Bash shell automation cheat sheet
# save as ~/.screenrc
startup_message off
caption always "%{=u .r} %-w%<%{=ub .Y}%n %t%{=u .r}%+w "
hardstatus alwaysignore
hardstatus alwayslastline "%{= .K} [%l]%<%=%{= .Y}$USER%{= .R}@%H %=%{= .m} %Y/%m/%d%{= .M} %0c "
defutf8 on
#caption always "%{= wk} %{= KY} [%n]%t @ %H %{-} %= %{= KR} %l %{-} | %{= KG} %Y-%m-%d %{-} "
#hardstatus alwayslastline " %-Lw%{= Bw}%n%f %t%{-}%+Lw %=| %0c:%s "
defscrollback 20480
@ignis-sec
ignis-sec / ignis-top-100-most-common.txt
Created June 21, 2020 08:19
Top 100 most common passwords from old public db leaks.
Password | Occurrence
_____________|____________
123456 |5377325
123456789 |1962160
password |1190534
qwerty |869629
12345678 |703220
12345 |679886
123123 |460430
1234 |448199
@katiefoster
katiefoster / mdbinj2.py
Created November 27, 2017 04:23
Pentester Lab: MongoDB Injection #2
#Code for bruteforcing a UUID for pentesterlab's MongoDB injection exercise.
import cookielib, urllib2, urllib
from bs4 import BeautifulSoup
found = ""
potentialChar = ["0","1","2","3","4","5","6","7","8","9","a","b","c","d","e","f","-"]
while True:
@scastillo
scastillo / roulette.sh
Last active October 25, 2020 05:41
My hobby: Randomly try a telnet console
#!/usr/env/sh
IP_FILE=${1:-ips.txt}
NUM_TARGETS=${2:-100}
IPS=$(sudo nmap -n -sS -iR ${NUM_TARGETS} -Pn -T5 -iL ${IP_FILE} -p23 -vvv | grep Discovered | awk '{print $6}')
if [[ $IPS ]]; then
echo $IPS | tee -a results.txt
for i in $IPS; do telnet $(echo $IPS | head -n1); done
@Include5
Include5 / sm plugins list
Created August 26, 2016 17:04
sm plugins list
[SM] Listing 77 plugins:
01 "Fun Votes" (1.8.0.5928) by AlliedModders LLC
02 "Fun Commands" (1.8.0.5928) by AlliedModders LLC
03 "SM Jailed Reasons" (v1.0) by Franc1sco steam: franug
04 "Hook Grab Rope" (1.1.5) by Sheepdude, SumGuy14
05 "Custom Player Skins (Core)" (1.3.4) by Mitchell, Root
06 "Pahan (PRIVATE)" (1.0) by R1KO
07 "Disable HUD money" (1.0) by Pheonix (‰7Феникс7‰)
08 "Disable Radar" (1.2) by Internet Bully
09 "Sound Commands" (1.8.0.5928) by AlliedModders LLC
@berzerk0
berzerk0 / CTFWRITE-Blocky-HTB.md
Last active May 24, 2021 14:35
CTF Writeup: Blocky on HackTheBox
@j0lt-github
j0lt-github / jsonpickle_vulnerable.txt
Last active August 7, 2021 13:00
jsonpickle 1.4.2 vulnerable to RCE
Description: JsonPickle 1.4.2 allows remote code execution during deserialization of a malicious payload through the decode() function.
VulnerabilityType: CWE-502: Deserialization of Untrusted Data
Vendor of Product: https://github.com/jsonpickle/jsonpickle
Affected Product Code Base: JsonPickle Python Module
Attack Type: Remote
Impact Code execution : True
@robert-moses
robert-moses / kali-windows-docker-notes.txt
Last active August 11, 2021 04:54
Kali Windows Docker (persistent storage)
docker run -ti --rm --mount src=kali-root,dst=/root --mount src=kali-postgres,dst=/var/lib/postgresql my-kali
#
# Notes to setup/run a persistent kali docker container (my notes to setup on my usual windows work PC)
# credit to @Airman604
# https://medium.com/@airman604/kali-linux-in-a-docker-container-5a06311624eb
# https://hub.docker.com/r/kalilinux/kali-linux-docker/
# https://www.kali.org/news/official-kali-linux-docker-images/
# https://hub.docker.com/?ref=login&overlay=onboarding
# Setup Docker Desktop for Windows
# Requires Windows10 Pro and Hyper-V
@quangnd-pgvn
quangnd-pgvn / youtube-dl-pluralsight.md
Created October 1, 2017 01:12
Download Pluralsight videos

Download Plural Sight videos

Software required:

youtube-dl

After installation and putting the youtube-dl in PATH

youtube-dl --username YOUR_USERNAME --password YOUR_PASSWORD --all-subs https://app.pluralsight.com/library/courses/javascript-development-environment -o "~/video/%(playlist)s/%(chapter_number)s. %(chapter)s/%(playlist_index)s. %(title)s.%(ext)s" --sleep-interval 10