Skip to content

Instantly share code, notes, and snippets.

View HacKanCuBa's full-sized avatar
⛷️
Also in gitlab.com/hackancuba

Iván || HacKan HacKanCuBa

⛷️
Also in gitlab.com/hackancuba
60 followers · 50 following
View GitHub Profile
@xinomilo
xinomilo / find-https-debian-archives.py
Last active December 20, 2017 01:17 — forked from eighthave/find-https-debian-archives.py
Script to find official Debian mirrors that support HTTPS
#!/usr/bin/python
import urllib2
import re
import ssl
import sys
# # find generic mirrors
mirrors = urllib2.urlopen('https://www.debian.org/mirror/list')
https = []
@Neo23x0
Neo23x0 / nmap-cmdline
Last active March 19, 2020 17:10
Nmap Scan Params for CVE-2017-0143 MS17-010 Scanning
# Scan for CVE-2017-0143 MS17-010
# The vulnerability used by WannaCry Ransomware
#
# 1. Use @calderpwn's script
# http://seclists.org/nmap-dev/2017/q2/79
#
# 2. Save it to Nmap NSE script directory
# Linux - /usr/share/nmap/scripts/ or /usr/local/share/nmap/scripts/
# OSX - /opt/local/share/nmap/scripts/
#
@0xdeadbife
0xdeadbife / ASN_discovery.md
Last active August 12, 2020 09:05
ASN discovery checklist/cheatsheet to get some juicy web targets for bug hunting purposes.

ASN Discovery

Checklist

  • Get ASN of target
  • Get IP ranges
  • Masscan all the ranges (common web ports)
  • Double check to verify hosts alive
  • Generate URL list
  • Bruteforce all the URLs
@swyxio
swyxio / readme.md
Last active January 16, 2022 10:36
svelte society day talks and resources -
@wdormann
wdormann / checksvc.py
Last active September 20, 2022 10:03
Check for insecure services on Windows
import os
import subprocess
import ctypes
# See: https://blogs.msmvps.com/erikr/2007/09/26/set-permissions-on-a-specific-service-windows/
svcinfo = {}
nonadmin = ['AU', 'AN', 'BG', 'BU', 'DG', 'WD', 'IU', 'LG']
FNULL = open(os.devnull, 'w')
@oconnor663
oconnor663 / test.py
Last active October 27, 2022 20:18
A demonstration of GIL-releasing hashing leading to a data race in Python
#! /usr/bin/env python3
import hashlib
import threading
def hash_buf(buf):
return hashlib.sha256(buf).hexdigest()
@kodekracker
kodekracker / gunicorn.py
Created September 10, 2015 07:47
A config file of gunicorn(http://gunicorn.org/) contains fundamental configuration.
# -*- coding: utf-8 -*-
# Gunicorn(v19.3) Configuration File
# Reference - http://docs.gunicorn.org/en/19.3/settings.html
#
# To run gunicorn by using this config, run gunicorn by passing
# config file path, ex:
#
# $ gunicorn --config=gunicorn.py MODULE_NAME:VARIABLE_NAME
#
@noperator
noperator / README.md
Last active December 1, 2022 20:52
Secure containerized pastebin

Secure Containerized Pastebin

Easily deploy a secure containerized pastebin on a VPS.

Description

This project runs and configures two containers:

  • PrivateBin: A minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted and decrypted in the browser.
  • SWAG: An Nginx webserver and reverse proxy with PHP support and a built-in Certbot client that automates free SSL server certificate generation and renewal processes.
@sudoaza
sudoaza / badaes.py
Last active January 3, 2023 03:10
RITSEC CTF 2022 - Crypto - Bad AES
"""
# RITSEC CTF 2022 - Crypto - Bad AES
## Custom AES implementation where Mix Columns and Shift Rows steps switch places
A secret government agency uses a 16-letter passphrase that is encrypted
to create their passwords for their computers. An insider within the agency
told me that everyday employees input their passphrase into this secret
encryption scheme to receive their password for the day & the key used to
encrypt their passphrase is changed by the agency daily.
(This is so their passwords change every day without the employee having
@mndrix
mndrix / base32-padding.go
Created November 2, 2015 21:54
Add padding characters to base32 encoded data
package main
import (
"encoding/base32"
"fmt"
"strings"
)
func main() {
data := "2246b2egzcc3ktvvoklo5cvzh4"