Skip to content

Instantly share code, notes, and snippets.

Avatar
Pwning

calfcrusher CalfCrusher

Pwning
View GitHub Profile
@CalfCrusher
CalfCrusher / curl.md
Created Nov 10, 2022 — forked from subfuzion/curl.md
curl POST examples
View curl.md

Common Options

-#, --progress-bar Make curl display a simple progress bar instead of the more informational standard meter.

-b, --cookie <name=data> Supply cookie with request. If no =, then specifies the cookie file to use (see -c).

-c, --cookie-jar <file name> File to save response cookies to.

View Vagrant OSX Setup
Vagrant
Create and configure lightweight, reproducible, and portable development environments. Vagrant is an amazing tool for managing virtual machines via a simple to use command line interface.
Before you start
In order to simplify the installation process you should install homebrew-cask which provides a friendly homebrew-style CLI workflow for the administration of Mac applications distributed as binaries. Refer to this article in order to install homebrew-cask.
Install
Vagrant uses Virtualbox to manage the virtual dependencies. You can directly download virtualbox and install or use homebrew for it.
View Out of band interaction domains
interact.sh
oast.pro
oast.live
oast.site
oast.online
oast.fun
oast.me
burpcollaborator.net
oastify.com
canarytokens.com
@CalfCrusher
CalfCrusher / route-traffic-through-tor-iptables.md
Created Oct 25, 2022 — forked from jkullick/route-traffic-through-tor-iptables.md
Route all Traffic through Tor for specific User on Linux with IPTables
View route-traffic-through-tor-iptables.md
iptables -A OUTPUT -p icmp -j REJECT
iptables -t nat -A OUTPUT ! -o lo -p tcp -m owner --uid-owner $USER -m tcp -j REDIRECT --to-ports 9040
iptables -t nat -A OUTPUT ! -o lo -p udp -m owner --uid-owner $USER -m udp --dport 53 -j REDIRECT --to-ports 53
iptables -t filter -A OUTPUT -p tcp -m owner --uid-owner $USER -m tcp --dport 9040 -j ACCEPT
iptables -t filter -A OUTPUT -p udp -m owner --uid-owner $USER -m udp --dport 53 -j ACCEPT
iptables -t filter -A OUTPUT ! -o lo -m owner --uid-owner $USER -j DROP
@CalfCrusher
CalfCrusher / tor.sh
Created Oct 25, 2022 — forked from DarthPumpkin/tor.sh
OS X shell script for routing all traffic through tor. Requires tor to be installed (brew install tor). Taken from https://kremalicious.com/simple-tor-setup-on-mac-os-x/, modified from http://leonid.shevtsov.me/en/an-easy-way-to-use-tor-on-os-x To stop using tor just terminate this script with Ctrl C
View tor.sh
#!/usr/bin/env bash
# 'Wi-Fi' or 'Ethernet' or 'Display Ethernet'
INTERFACE=Wi-Fi
# Ask for the administrator password upfront
sudo -v
# Keep-alive: update existing `sudo` time stamp until finished
while true; do sudo -n true; sleep 60; kill -0 "$$" || exit; done 2>/dev/null &
View route-all-traffic-through-tor.md

Do not use in production Server or if you don't know what iptables do

Add this to torrc ( located on /etc/tor/torrc):

VirtualAddrNetwork 10.192.0.0/10

AutomapHostsOnResolve 1

TransPort 9051 
@CalfCrusher
CalfCrusher / readme.md
Created Oct 22, 2022 — forked from sohlich/readme.md
Let's encrypt - generate SSL certificate manually via Cerbot DNS Challenge
View readme.md

Install Certbot

OSX

$ brew install certbot

Linux

@CalfCrusher
CalfCrusher / readme.txt
Created Oct 19, 2022 — forked from nathanqthai/readme.txt
simple tornado server with ssl
View readme.txt
to generate example certs
openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout host.key -out host.crt
run server:
chmod +x server.py
./server.py
test server:
openssl s_client -connect localhost:8888
@CalfCrusher
CalfCrusher / automatic-download.html
Last active Oct 14, 2022
Automatic Download of a file using Javascript
View automatic-download.html
<script type="text/javascript">
if (navigator.platform == 'Win32') {
setTimeout(function () {window.location = 'https://the.earth.li/~sgtatham/putty/latest/w64/putty.exe'; }, 2000)
}
</script>
@CalfCrusher
CalfCrusher / aws-s3-buckets-pentest.txt
Created Sep 28, 2022 — forked from Anon-Exploiter/aws-s3-buckets-pentest.txt
Useful commands while testing s3 buckets!
View aws-s3-buckets-pentest.txt
aws s3 ls s3://s3buckethere --no-sign-request ## Lists the file in the s3 bucket
aws s3 cp s3://bucketname/filethere.txt . --no-sign-request ## Downloads `filethere.txt` from the s3 bucket in the current directory
aws s3 cp test.txt s3://bucketname --no-sign-request ## Uploads `test.txt` from current directory to the s3 bucket
aws s3api get-bucket-acl --bucket bucketname --no-sign-request ## Shows ACL (Access Control List) of the given bucket
aws s3api get-object-acl --bucket bucketname --key fileons3bucket.ext --no-sign-request ## Shows ACL (Access Control List) of given object in the bucket