Skip to content

Instantly share code, notes, and snippets.

View Daviey's full-sized avatar

Dave Walker Daviey

22 followers · 17 following
  • UK
View GitHub Profile
@Daviey
Daviey / gist:39168a64638bf425fc75
Created July 15, 2015 09:12
Verifying I am +daviey on my passcard. https://onename.com/daviey
@Daviey
Daviey / do.sh
Created June 15, 2016 22:26
#!/bin/bash
## Install a necessary packages
sudo apt-get install -y kvm cloud-utils genisoimage
## URL to most recent cloud image of 12.04
img_url="http://cloud-images.ubuntu.com/releases/16.04/release/"
img_url="${img_url}/ubuntu-16.04-server-cloudimg-amd64-disk1.img"
## download the image
wget -c $img_url -O disk.img.dist
@Daviey
Daviey / config.yml
Created July 7, 2016 12:38
---
- name: Check if Keystone Domain specific settings enabled
local_action: stat path="{{ node_custom_config }}/{{ item }}/domains"
register: keystone_domain_cfg
with_items:
- "keystone"
- name: DEBUG VAR
debug:
msg: "keystone_domain_cfg = {{ keystone_domain_cfg }}"
@Daviey
Daviey / OSSP gmail filter.js
Last active September 22, 2016 21:49
function main() {
// Get or create label
var label = GmailApp.getUserLabelByName("OSSP");
if (label == null) {
var label = GmailApp.createLabel("OSSP");
}
// lets go!
@Daviey
Daviey / db.py
Created February 20, 2017 16:01
#!/usr/bin/python
import sys
from oslo.config import cfg
from sqlalchemy import create_engine
cfg_file = "/etc/nova/nova.conf"
@Daviey
Daviey / keybase.md
Created March 3, 2017 18:08

Keybase proof

I hereby claim:

  • I am daviey on github.
  • I am daviey (https://keybase.io/daviey) on keybase.
  • I have a public key ASDuM1x_RJk2n70EZ2p-7R3mGBCPq4Y8nS6Xx0RJtrkm2wo

To claim this, I am signing this object:

@Daviey
Daviey / gist:44c62d7c76d34cebebf266499f6b8a4f
Created March 8, 2017 16:58
$ sudo docker push 127.0.0.1:5000/junk/data
The push refers to a repository [127.0.0.1:5000/junk/data]
e23aaf36be54: Retrying in 1 second
ff095ced7068: Retrying in 1 second
9abe2bd17d05: Retrying in 1 second
9f8566ee5135: Retrying in 1 second
read tcp 127.0.0.1:40868->127.0.0.1:5000: read: connection reset by peer
@Daviey
Daviey / foo
Created April 7, 2017 15:11
~ aws_security_group.vpc-6cc8710b-ActiveDirectoryDMZSecurityGroups-SGUSE1SDZAD01-1KD80WPW2KD57
ingress.1997339319.from_port: "" => "49152"
ingress.1997339319.protocol: "" => "udp"
ingress.1997339319.self: "" => "false"
ingress.1997339319.to_port: "" => "65535"
ingress.2357930955.from_port: "" => "464"
ingress.2357930955.protocol: "" => "udp"
ingress.2357930955.self: "" => "false"
ingress.2357930955.to_port: "" => "464"
ingress.4239391808.from_port: "" => "49152"
@Daviey
Daviey / github_bugbountyhunting.md
Created October 7, 2017 08:38 — forked from EdOverflow/github_bugbountyhunting.md
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
@Daviey
Daviey / how-to-oscp-final.md
Created January 7, 2018 10:34 — forked from unfo/how-to-oscp-final.md

How to pass the OSCP

  1. Recon
  2. Find vuln
  3. Exploit
  4. Document it

Recon

Unicornscans in cli, nmap in msfconsole to help store loot in database.