The CyberSec Lounge: https://disboard.org/server/join/509544906335715349
Infosec Community: https://discord.gg/bw8DzNn
Whitehat Hacking: https://discord.gg/dCu7n6J
HackTheBox: https://discord.gg/2NJt27j
MattyQ
/ matrixrain.js
Created
April 25, 2023 01:55
Creates a canvas in the body to draw a Matrix-style rain effect. Generated by ChatGPT. Free to reuse with no attribution required.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function matrixRain() { | |
| const canvas = document.createElement("canvas"); | |
| canvas.width = window.innerWidth; | |
| canvas.height = window.innerHeight; | |
| canvas.style.position = "fixed"; | |
| canvas.style.top = 0; | |
| canvas.style.left = 0; | |
| canvas.style.zIndex = -1; | |
| document.body.appendChild(canvas); |
Wra7h
/ Get-ProcessPipes.ps1
Last active
May 3, 2024 00:41
Use PowerShell to get the PIDs associated with Named Pipes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Get-ProcessPipes{ | |
| param( | |
| [Parameter(Mandatory=$false)] | |
| [string]$CSV, | |
| [Parameter(Mandatory=$false)] | |
| [switch]$All | |
| ) | |
| Add-Type -TypeDefinition @" | |
| using System; |
johnnyxmas
/ Active_Infosec_Discords.md
Last active
January 8, 2024 04:49
SwitHak
/ 20211210-TLP-WHITE_LOG4J.md
Last active
June 14, 2024 00:16
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC
Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)
- If you want to add a link, comment or send it to me
- Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak
- Royce Williams list sorted by vendors responses Royce List
- Very detailed list NCSC-NL
- The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List
Neo23x0
/ log4j_rce_detection.md
Last active
January 28, 2024 08:19
Log4j RCE CVE-2021-44228 Exploitation Detection
You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228
This command searches for exploitation attempts in uncompressed files in folder /var/log and all sub folders
sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // | |
| // Run this javascript file like so | |
| // | |
| // node generate-nested-json.js "a" 1024 64 | |
| // Where: | |
| // | |
| // "a" is the nested property to create | |
| // 1024 is the initial max recursion | |
| // 64 is the amount of times to multiple the initial max recursion. | |
| // |
ANeilan
/ exploded_phish_kits_wordlist.dict
Last active
January 6, 2024 15:11
a wordlist/dictionary file from exploded phish kits. strings to feed to ffuf, dirbuster, gobuster, etc. in order to find phish kit infrastructure/resources
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .cgi/ | |
| .cgi/.htaccess | |
| .cgi/idm/ | |
| .cgi/idm/.htaccess | |
| .cgi/idm/index.php | |
| .cgi/idm/oauth2 | |
| .cgi/idm/oauth2/authword.php | |
| .cgi/idm/oauth2/context.php | |
| .cgi/idm/oauth2/Email.php | |
| .cgi/idm/oauth2/index.php |
gladiatx0r
/ Workstation-Takeover.md
Last active
May 28, 2024 22:38
From RPC to RCE - Workstation Takeover via RBCD and MS-RPChoose-Your-Own-Adventure
In the default configuration of Active Directory, it is possible to remotely take over Workstations (Windows 7/10/11) and possibly servers (if Desktop Experience is installed) when their WebClient service is running. This is accomplished in short by;
- Triggering machine authentication over HTTP via either MS-RPRN or MS-EFSRPC (as demonstrated by @tifkin_). This requires a set of credentials for the RPC call.
- Relaying that machine authentication to LDAPS for configuring RBCD
- RBCD takeover
The caveat to this is that the WebClient service does not automatically start at boot. However, if the WebClient service has been triggered to start on a workstation (for example, via some SharePoint interactions), you can remotely take over that system. In addition, there are several ways to coerce the WebClient service to start remotely which I cover in a section below.
nil0x42's tips & tricks
- Scrape twitter account of all github followers of target user on GitHub
- Scrape twitter account of all stargazers of target project on GitHub
QingpingMeng
/ EncryptSmallData.md
Last active
May 15, 2024 20:38
Encrypt data using JavaScript in browser with RSA public key generated in C# without library
This is an example to demo how you generate the RSA key pair from server side(.NetCore 3.1) and pass the public key to the client(Browser) for encrypting the data that <= 245 bytes.
RSA-2048 can only support to encrypt up to 245 bytes data.
using var rsaProvider = new RSACng();
// spki is used for browser side encryption
var spki = Convert.ToBase64String(rsaProvider.ExportSubjectPublicKeyInfo());
var encodedPrivateKey = Convert.ToBase64String(rsaProvider.ExportPkcs8PrivateKey());NewerOlder