The CyberSec Lounge: https://disboard.org/server/join/509544906335715349
Infosec Community: https://discord.gg/bw8DzNn
Whitehat Hacking: https://discord.gg/dCu7n6J
HackTheBox: https://discord.gg/2NJt27j
MattyQ
/ matrixrain.js
Created
April 25, 2023 01:55
Creates a canvas in the body to draw a Matrix-style rain effect. Generated by ChatGPT. Free to reuse with no attribution required.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function matrixRain() { | |
| const canvas = document.createElement("canvas"); | |
| canvas.width = window.innerWidth; | |
| canvas.height = window.innerHeight; | |
| canvas.style.position = "fixed"; | |
| canvas.style.top = 0; | |
| canvas.style.left = 0; | |
| canvas.style.zIndex = -1; | |
| document.body.appendChild(canvas); |
Wra7h
/ Get-ProcessPipes.ps1
Last active
May 3, 2024 00:41
Use PowerShell to get the PIDs associated with Named Pipes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Get-ProcessPipes{ | |
| param( | |
| [Parameter(Mandatory=$false)] | |
| [string]$CSV, | |
| [Parameter(Mandatory=$false)] | |
| [switch]$All | |
| ) | |
| Add-Type -TypeDefinition @" | |
| using System; |
johnnyxmas
/ Active_Infosec_Discords.md
Last active
January 8, 2024 04:49
SwitHak
/ 20211210-TLP-WHITE_LOG4J.md
Last active
June 28, 2024 12:07
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC
Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)
- If you want to add a link, comment or send it to me
- Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak
- Royce Williams list sorted by vendors responses Royce List
- Very detailed list NCSC-NL
- The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List
Neo23x0
/ log4j_rce_detection.md
Last active
June 24, 2024 22:11
Log4j RCE CVE-2021-44228 Exploitation Detection
You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228
This command searches for exploitation attempts in uncompressed files in folder /var/log and all sub folders
sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // | |
| // Run this javascript file like so | |
| // | |
| // node generate-nested-json.js "a" 1024 64 | |
| // Where: | |
| // | |
| // "a" is the nested property to create | |
| // 1024 is the initial max recursion | |
| // 64 is the amount of times to multiple the initial max recursion. | |
| // |
ANeilan
/ exploded_phish_kits_wordlist.dict
Last active
January 6, 2024 15:11
a wordlist/dictionary file from exploded phish kits. strings to feed to ffuf, dirbuster, gobuster, etc. in order to find phish kit infrastructure/resources
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .cgi/ | |
| .cgi/.htaccess | |
| .cgi/idm/ | |
| .cgi/idm/.htaccess | |
| .cgi/idm/index.php | |
| .cgi/idm/oauth2 | |
| .cgi/idm/oauth2/authword.php | |
| .cgi/idm/oauth2/context.php | |
| .cgi/idm/oauth2/Email.php | |
| .cgi/idm/oauth2/index.php |
gladiatx0r
/ Workstation-Takeover.md
Last active
June 23, 2024 22:01
From RPC to RCE - Workstation Takeover via RBCD and MS-RPChoose-Your-Own-Adventure
In the default configuration of Active Directory, it is possible to remotely take over Workstations (Windows 7/10/11) and possibly servers (if Desktop Experience is installed) when their WebClient service is running. This is accomplished in short by;
- Triggering machine authentication over HTTP via either MS-RPRN or MS-EFSRPC (as demonstrated by @tifkin_). This requires a set of credentials for the RPC call.
- Relaying that machine authentication to LDAPS for configuring RBCD
- RBCD takeover
The caveat to this is that the WebClient service does not automatically start at boot. However, if the WebClient service has been triggered to start on a workstation (for example, via some SharePoint interactions), you can remotely take over that system. In addition, there are several ways to coerce the WebClient service to start remotely which I cover in a section below.
niko
/ README.md
Last active
June 30, 2024 17:00
— forked from ePirat/spec.md
Icecast Protocol specification
An collection of documents about icecast/shoutcast streaming.
- icy_meta.md contains the basics of metadata within the stream. The document where I got this information from (http://www.smackfu.com/stuff/programming/shoutcast.html) is not available any more.
- spec.md is a copy of this gist https://gist.github.com/ePirat/adc3b8ba00d85b7e3870 just to prevent the informtation from disappearing. You may find the discussion beneath the original gist interresting as well.
- icy.rb is the most simple icy metadata parser written in Ruby.
- Some information can be found here: https://cast.readme.io/docs/icy
nil0x42's tips & tricks
- Scrape twitter account of all github followers of target user on GitHub
- Scrape twitter account of all stargazers of target project on GitHub
NewerOlder