View evilcat.go
package main
import (
"io"
"log"
"os"
"strings"
)
func readWrite(src io.Reader, dst io.Writer) {
View CVE-2018-10933.py
import paramiko
import socket
import sys
nbytes = 4096
hostname = "127.0.0.1"
port = 2222
sock = socket.socket()
try:
View how-to-oscp-final.md

How to pass the OSCP

  1. Recon
  2. Find vuln
  3. Exploit
  4. Document it

Recon

Unicornscan in the CLI, nmap from msfconsole to help store loot in the database.

@Daviey
Daviey / SimpleHTTPServerWithUpload.py
Created Jan 6, 2018 — forked from touilleMan/SimpleHTTPServerWithUpload.py
Simple Python Http Server with Upload - Python3 version
View SimpleHTTPServerWithUpload.py
#!/usr/bin/env python3
"""Simple HTTP Server With Upload.
This module builds on BaseHTTPServer by implementing the standard GET
and HEAD requests in a fairly straightforward manner.
see: https://gist.github.com/UniIsland/3346170
"""
@Daviey
Daviey / github_bugbountyhunting.md
Created Oct 7, 2017 — forked from EdOverflow/github_bugbountyhunting.md
My tips for finding security issues in GitHub projects.
View github_bugbountyhunting.md

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. In this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
View foo
~ aws_security_group.vpc-6cc8710b-ActiveDirectoryDMZSecurityGroups-SGUSE1SDZAD01-1KD80WPW2KD57
ingress.1997339319.from_port: "" => "49152"
ingress.1997339319.protocol: "" => "udp"
ingress.1997339319.self: "" => "false"
ingress.1997339319.to_port: "" => "65535"
ingress.2357930955.from_port: "" => "464"
ingress.2357930955.protocol: "" => "udp"
ingress.2357930955.self: "" => "false"
ingress.2357930955.to_port: "" => "464"
ingress.4239391808.from_port: "" => "49152"
View gist:44c62d7c76d34cebebf266499f6b8a4f
$ sudo docker push 127.0.0.1:5000/junk/data
The push refers to a repository [127.0.0.1:5000/junk/data]
e23aaf36be54: Retrying in 1 second
ff095ced7068: Retrying in 1 second
9abe2bd17d05: Retrying in 1 second
9f8566ee5135: Retrying in 1 second
read tcp 127.0.0.1:40868->127.0.0.1:5000: read: connection reset by peer
View keybase.md

Keybase proof

I hereby claim:

  • I am daviey on github.
  • I am daviey (https://keybase.io/daviey) on keybase.
  • I have a public key ASDuM1x_RJk2n70EZ2p-7R3mGBCPq4Y8nS6Xx0RJtrkm2wo

To claim this, I am signing this object:

View db.py
#!/usr/bin/python
import sys
from oslo.config import cfg
from sqlalchemy import create_engine
cfg_file = "/etc/nova/nova.conf"
View OSSP gmail filter.js
function main() {
// Get or create label
var label = GmailApp.getUserLabelByName("OSSP");
if (label == null) {
label = GmailApp.createLabel("OSSP"); // assign to the outer label, not a redeclared var
}
// lets go!