Skip to content

Instantly share code, notes, and snippets.

View CaiJiJi's full-sized avatar
👹
tw no.1

Caijiji CaiJiJi

👹
tw no.1
142 followers · 90 following
  • @Caijijijijijiji
  • Earth
View GitHub Profile
@coolaj86
coolaj86 / ChatGPT-Dan-Jailbreak.md
Last active May 11, 2024 21:06
@mattifestation
mattifestation / HowToDetectTechniqueX_Demos.ps1
Created September 6, 2019 22:03
Demo code from my DerbyCon talk: "How do I detect technique X in Windows?" Applied Methodology to Definitively Answer this Question
#region Attack validations
wmic /node:169.254.37.139 /user:Administrator /password:badpassword process call create notepad.exe
Invoke-WmiMethod -ComputerName 169.254.37.139 -Credential Administrator -Class Win32_Process -Name Create -ArgumentList notepad.exe
$CimSession = New-CimSession -ComputerName 169.254.37.139 -Credential Administrator
Invoke-CimMethod -CimSession $CimSession -ClassName Win32_Process -MethodName Create -Arguments @{ CommandLine = 'notepad.exe' }
$CimSession | Remove-CimSession
winrm --% invoke Create wmicimv2/Win32_Process @{CommandLine="notepad.exe"} -remote:169.254.37.139 -username:Administrator -password:badpassword
@adamyordan
adamyordan / CVE-2019-1003000-Jenkins-RCE-POC.py
Last active July 29, 2019 09:29
CVE-2019-1003000-Jenkins-RCE-POC
#!/usr/bin/python
# Author: Adam Jordan
# Date: 2019-02-15
# Repository: https://github.com/adamyordan/cve-2019-1003000-jenkins-rce-poc
# PoC for: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)
import argparse
import jenkins
@edermi
edermi / kerberoast_pws.xz
Last active January 22, 2024 12:40
edermi Kerberoast PW list (XZ format)
This file has been truncated, but you can view the full file.
View raw
@verctor
verctor / procfs_bypass.php
Last active January 29, 2019 09:59
procfs_bypass fixed
<?php
/*
$libc_ver:
beched@linuxoid ~ $ php -r 'readfile("/proc/self/maps");' | grep libc
7f3dfa609000-7f3dfa7c4000 r-xp 00000000 08:01 9831386 /lib/x86_64-linux-gnu/libc-2.19.so
$open_php:
@bohops
bohops / RDP_Eavesdropping_Hijacking
Last active December 31, 2022 05:04
RDP Eavesdropping and Hijacking
*******************************
I spent some time this evening looking at ways to eavesdrop and hijack RDP sessions. Here is a gist of (semi) interesting findings
that is not very new...
===========
Inspiration
===========
As you may already know...
@Mr-Un1k0d3r
Mr-Un1k0d3r / cloning.sh
Created November 7, 2017 16:14
Lazy website cloning
#!/bin/bash
echo "Cloning $1"
wget $1 -O index.html &> /dev/null
TAG="<base href=\"$1\"/></head>"
sed '/<\/head>/i\'"$TAG" index.html | tee index.html &> /dev/null
echo "index.html was saved and modified"
@EdOverflow
EdOverflow / github_bugbountyhunting.md
Last active April 29, 2024 14:36
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output