Skip to content

Instantly share code, notes, and snippets.

View anthonykava's full-sized avatar
☎️
(not to scale)

Anthony Kava anthonykava

☎️
(not to scale)
View GitHub Profile
@MattyQ
MattyQ / matrixrain.js
Created April 25, 2023 01:55
Creates a canvas in the body to draw a Matrix-style rain effect. Generated by ChatGPT. Free to reuse with no attribution required.
function matrixRain() {
const canvas = document.createElement("canvas");
canvas.width = window.innerWidth;
canvas.height = window.innerHeight;
canvas.style.position = "fixed";
canvas.style.top = 0;
canvas.style.left = 0;
canvas.style.zIndex = -1;
document.body.appendChild(canvas);
@Wra7h
Wra7h / Get-ProcessPipes.ps1
Last active May 3, 2024 00:41
Use PowerShell to get the PIDs associated with Named Pipes
function Get-ProcessPipes{
param(
[Parameter(Mandatory=$false)]
[string]$CSV,
[Parameter(Mandatory=$false)]
[switch]$All
)
Add-Type -TypeDefinition @"
using System;
@SwitHak
SwitHak / 20211210-TLP-WHITE_LOG4J.md
Last active June 14, 2024 00:16
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

  • If you want to add a link, comment or send it to me
  • Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

  • Royce Williams list sorted by vendors responses Royce List
  • Very detailed list NCSC-NL
  • The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List
@Neo23x0
Neo23x0 / log4j_rce_detection.md
Last active January 28, 2024 08:19
Log4j RCE CVE-2021-44228 Exploitation Detection

log4j RCE Exploitation Detection

You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228

Grep / Zgrep

This command searches for exploitation attempts in uncompressed files in folder /var/log and all sub folders

sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
@nstarke
nstarke / generate-nested-json.js
Last active April 14, 2022 15:01
Generated Deeply Nested JSON
//
// Run this javascript file like so
//
// node generate-nested-json.js "a" 1024 64
// Where:
//
// "a" is the nested property to create
// 1024 is the initial max recursion
// 64 is the amount of times to multiple the initial max recursion.
//
@ANeilan
ANeilan / exploded_phish_kits_wordlist.dict
Last active January 6, 2024 15:11
a wordlist/dictionary file from exploded phish kits. strings to feed to ffuf, dirbuster, gobuster, etc. in order to find phish kit infrastructure/resources
.cgi/
.cgi/.htaccess
.cgi/idm/
.cgi/idm/.htaccess
.cgi/idm/index.php
.cgi/idm/oauth2
.cgi/idm/oauth2/authword.php
.cgi/idm/oauth2/context.php
.cgi/idm/oauth2/Email.php
.cgi/idm/oauth2/index.php
@gladiatx0r
gladiatx0r / Workstation-Takeover.md
Last active May 28, 2024 22:38
From RPC to RCE - Workstation Takeover via RBCD and MS-RPChoose-Your-Own-Adventure

Overview

In the default configuration of Active Directory, it is possible to remotely take over Workstations (Windows 7/10/11) and possibly servers (if Desktop Experience is installed) when their WebClient service is running. This is accomplished in short by;

  • Triggering machine authentication over HTTP via either MS-RPRN or MS-EFSRPC (as demonstrated by @tifkin_). This requires a set of credentials for the RPC call.
  • Relaying that machine authentication to LDAPS for configuring RBCD
  • RBCD takeover

The caveat to this is that the WebClient service does not automatically start at boot. However, if the WebClient service has been triggered to start on a workstation (for example, via some SharePoint interactions), you can remotely take over that system. In addition, there are several ways to coerce the WebClient service to start remotely which I cover in a section below.

@nil0x42
nil0x42 / Awesome_GitHub_OSINT.md
Last active February 17, 2024 16:49
Awesome GitHub OSINT
@QingpingMeng
QingpingMeng / EncryptSmallData.md
Last active May 15, 2024 20:38
Encrypt data using JavaScript in browser with RSA public key generated in C# without library

This is an example to demo how you generate the RSA key pair from server side(.NetCore 3.1) and pass the public key to the client(Browser) for encrypting the data that <= 245 bytes.

RSA-2048 can only support to encrypt up to 245 bytes data.

Generate RSA key pair in C# (.Net Core 3.1):

using var rsaProvider = new RSACng();
// spki is used for browser side encryption
var spki = Convert.ToBase64String(rsaProvider.ExportSubjectPublicKeyInfo());
var encodedPrivateKey = Convert.ToBase64String(rsaProvider.ExportPkcs8PrivateKey());