Skip to content

Instantly share code, notes, and snippets.

🔴
<script>alert(1);</script>

Edoardo Rosa edoz90

🔴
<script>alert(1);</script>
Block or report user

Report or block edoz90

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@edoz90
edoz90 / mashell.py
Last active Oct 29, 2019
Execute command using HEX or CHAR encoding. Bypass WAF and IPS filtering enabling RCE using xp_cmdshell
View mashell.py
#!/usr/bin/env python3
# Injector script to get a pseudo-interactive shell using xp_cmdshell
# Source post:
# Author: edoz90 (dodo)
# https://twitter.com/_d_0_d_o_
#
# USAGE: python3 ./mashell.py "whoami /priv"
#
import binascii
import hashlib
@edoz90
edoz90 / lfi_generator.py
Created Oct 27, 2019
Create PHP dockers (that are available on the official channel) to create a LFI test laboratory
View lfi_generator.py
#!/usr/bin/env python3
import glob
import requests
import subprocess
import sys
from bs4 import BeautifulSoup
from grp import getgrgid
from os import stat, path, chown
from pwd import getpwuid
@edoz90
edoz90 / DBus-spotify
Last active Oct 21, 2019
Python script to interact with DBus MediaPlayer2 interface, used by Spotify, VLC, mpd, MPlayer, etc (Info, Play/Pause, Next, Prev, Stop)
View DBus-spotify
#!/usr/bin/env python3
import sys
try:
# http://click.pocoo.org/5/why/
import click
import dbus
from colored import fg, stylize
except:
print("Need to install click, dbus-python and colored")
sys.exit(-1)
@edoz90
edoz90 / reoder_deobfuscator.py
Last active Oct 14, 2019
Try to deobfuscate a powershell script with re-ordering obfuscation
View reoder_deobfuscator.py
#!/usr/bin/env python3
#
# AUTHOR: Edoardo Rosa edoz90 https://github.com/edoz90
# https://twitter.com/_d_0_d_o_
#
# Sample: ("{0}{1}{4}{3}{5}{2}" -f 'CONv','er','G','R','tTo-SecURest','In')
# Decoded output: CONvertTo-SecURestRInG
#
try:
@edoz90
edoz90 / install_printer
Last active Oct 11, 2019
Install a printer on Arch Linux with cups using command line
View install_printer
#!/bin/bash
################################################################
# Install a printer on Arch Linux with cups using command line #
# Used for a HP PSC 1510 with default driver #
################################################################
sudo pacman -S cups
sudo systemctl start org.cups.cupsd
@edoz90
edoz90 / windows_list.zsh
Last active Sep 13, 2019
Prints windows list on focused desktop (bspwm) with dedicated icons
View windows_list.zsh
#!/usr/bin/env zsh
#Get id of all non-floating windows on current desktop
WINDOWS=(${(f)"$(bspc query -N -d focused -n .window)"})
#Get id of currently focused window
FOCUSED="$(bspc query -N -d focused -n .focused.window)"
FORMAT="-f3-"
@edoz90
edoz90 / steghide_brute.py
Last active Sep 8, 2019
CTF Multicore bruteforcer for `steghide`
View steghide_brute.py
#!/usr/bin/env python3
# -*- encoding: utf-8 -*-
import multiprocessing as mp
import os
import subprocess
import time
import sys
try:
import click
from colored import fg, stylize
@edoz90
edoz90 / parse_dump.py
Last active Jul 31, 2019
Parse `sqlmap` dumps from data breaches or leaks file into a JSON file
View parse_dump.py
#!/usr/bin/env python3
# -*- encoding: ascii -*-
#
# AUTHOR: Edoardo Rosa edoz90 https://github.com/edoz90
#
# DESCRIPTION: Parse `sqlmap` dumps from data breaches or leaks into JSON files
#
# Some files have shitty encoding/chars and they must be educated:
# sed -i 's/[^[:print:]\t]//g; s/\\r//g' *.txt
import click
@edoz90
edoz90 / addjstopdf.py
Last active Jun 21, 2019
Add embedded JavaScript script to a PDF document (python3)
View addjstopdf.py
#!/usr/bin/env python3
# https://gist.github.com/edoz90/a441f2bdfc8c99c1999db0a3e8495fb6
# Author: edoz90
try:
from PyPDF2 import PdfFileWriter, PdfFileReader
import click
except ModuleNotFoundError:
print("pip install pypdf2 click")
import sys
View OSCPbuffer.md

Speed up videos

document.getElementById("video").playbackRate = 1.5;

VPN - NM

[vpn]
dev-type=tap
You can’t perform that action at this time.