Skip to content

Instantly share code, notes, and snippets.

View JohnHubcr's full-sized avatar

JohnHubcr

67 followers · 207 following
View GitHub Profile
@bcse
bcse / scrdec18-VC8.exe
Created February 15, 2012 10:13
Windows Script Decoder 1.8 (Decoding JScript.Encoded)
@phith0n
phith0n / fpm.py
Last active July 20, 2024 11:18
Fastcgi PHP-FPM Client && Code Execution
import socket
import random
import argparse
import sys
from io import BytesIO
# Referrer: https://github.com/wuyunfeng/Python-FastCGI-Client
PY2 = True if sys.version_info.major == 2 else False
@ropnop
ropnop / kinit_brute.sh
Last active June 6, 2021 18:23
A quick tool to bruteforce an AD user's password by requesting TGTs from the Domain Controller with 'kinit'
#!/bin/bash
# Title: kinit_brute.sh
# Author: @ropnop
# Description: This is a PoC for bruteforcing passwords using 'kinit' to try to check out a TGT from a Domain Controller
# The script configures the realm and KDC for you based on the domain provided and the domain controller
# Since this configuration is only temporary though, if you want to actually *use* the TGT you should actually edit /etc/krb5.conf
# Only tested with Heimdal kerberos (error messages might be different for MIT clients)
# Note: this *will* lock out accounts if a domain lockout policy is set. Be careful
@mhmdiaa
mhmdiaa / ip_encoder.py
Last active October 7, 2023 16:22
import sys
def to_octets(ip):
return [int(i) for i in ip.split('.')]
def dotless_decimal(ip):
octets = to_octets(ip)
result = octets[0] * 16777216 + octets[1] * \
@apolloclark
apolloclark / http security headers.md
Last active April 5, 2024 12:52