This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# run: mitmproxy -k -p 8090 -s mitmproxy-jwt-refresh-addon.py | |
# set burp upstream proxy to localhost:8090 | |
# | |
# use case: | |
# - application authorization is implemented by OAuth 2.0 | |
# - testing is performed using Burp as primary and mitmproxy as upstream proxy | |
# - mitmproxy takes care of the Authorization tokens using this addon | |
# - user gets an access_token and a refresh_token during the 1st login (e.g. password login) | |
# - mitmproxy addon caches access_token and refresh_token | |
# - mitmproxy addon adds Authorization: Bearer [access_token from cache] header for every request |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
//sample: 1554e74b935a61d446cb634f80d7d1e200e864bc | |
//posted by @JohnLaTwC | |
// Also see research by Sudeep Singh, Yin Hong Chang @ https://www.fireeye.com/blog/threat-research/2016/05/targeted_attacksaga.html | |
----------------------------------------------- macro ---------------------------------- | |
Private Sub Workbook_Open() | |
Call doom_Init | |
Call doom_ShowHideSheets | |
End Sub |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Generate sample data and trigger Magento2 performance toolkit jMeter test plan. | |
HOST="magento2.loc" | |
BASE_PATH="/" | |
USERS=100 | |
RAMP_PERIOD=300 | |
LOOPS=1 | |
ADMIN_USER="magento2" | |
ADMIN_PASSWORD="magento2" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
%SYSTEMDRIVE%\boot.ini | |
%WINDIR%\win.ini This is another file that can be counted on to be readable by all users of a system. | |
%SYSTEMROOT%\repair\SAM | |
%SYSTEMROOT%\System32\config\RegBack\SAM Stores user passwords in either an LM hash and/or an NTLM hash format. The SAM file in \repair is locked, but can be retrieved using forensic or Volume Shadow copy methods. | |
%SYSTEMROOT%\repair\system | |
%SYSTEMROOT%\System32\config\RegBack\system This is the SYSTEM registry hive. This file is needed to extract the user account password hashes from a Windows system. The SYSTEM file in \repair is locked, but can be retrieved using forensic or Volume Shadow copy methods. | |
%SYSTEMROOT%\repair\SAM | |
%SYSTEMROOT%\System32\config\RegBack\SAM These files store the LM and NTLM hashes for local users. Using Volume Shadow Copy or Ninja Copy you can retrieve these files. | |
%WINDIR%\repair\sam | |
%WINDIR%\repair\system |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
class AccountObjectSetCheats | |
{ | |
bool AutoBattle = false; | |
AccountobjectSetCheats Type; | |
int8 SlotLockCheat = 0; | |
}; | |
class AccountObjectGetProfile | |
{ | |
std::string Filename; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
These two files should help you to import passwords from mac OS X keychains to 1password. | |
Assumptions: | |
1) You have some experience with scripting/are a power-user. These scripts worked for me | |
but they haven't been extensively tested and if they don't work, you're on your own! | |
Please read this whole document before starting this process. If any of it seems | |
incomprehensible/frightening/over your head please do not use these scripts. You will | |
probably do something Very Bad and I wouldn't want that. | |
2) You have ruby 1.9.2 installed on your machine. This comes as standard with Lion, previous | |
versions of OS X may have earlier versions of ruby, which *may* work, but then again, they |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import java.util.Iterator; | |
import java.util.Map; | |
import java.util.TreeMap; | |
import javax.net.ssl.SSLServerSocketFactory; | |
/* | |
* Source from Christopher Schultz | |
* @see http://markmail.org/message/zn4namfhypyxum23 | |
*/ | |
public class SSLInfo |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Default Cipher | |
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA | |
* SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA | |
SSL_DHE_DSS_WITH_DES_CBC_SHA | |
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA | |
* SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA | |
SSL_DHE_RSA_WITH_DES_CBC_SHA | |
SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA | |
SSL_DH_anon_EXPORT_WITH_RC4_40_MD5 | |
SSL_DH_anon_WITH_3DES_EDE_CBC_SHA |
NewerOlder