Skip to content

Instantly share code, notes, and snippets.

@payloadartist
payloadartist / firefox.sh
Last active February 6, 2021 20:42
Enumerate sub-domains, then open them in Firefox automatically. Useful for taking a quick glance at target's assets, and make notes, while doing recon.
# ------Instructions---------
# Install (and configure) subfinder, assetfinder, and httprobe
# go get -v github.com/projectdiscovery/subfinder/cmd/subfinder && go get -v github.com/tomnomnom/httprobe && go get -v github.com/tomnomnom/assetfinder
# cat firefox.sh >> ~/.bashrc
# source ~/.bashrc
# Usage - subf_ff target.tld
# asset_ff target.tld
subf_ff () {
subfinder -d $1 -silent -t 100 | httprobe -c 50 | sort -u | while read line; do firefox $line; sleep 10; done
@nikallass
nikallass / check-smb-v3.11.sh
Created March 11, 2020 04:57
CVE-2020-0796. Scan HOST/CIDR with nmap script smb-protocols.nse and grep SMB version 3.11.
#!/bin/bash
if [ $# -eq 0 ]
then
echo $'Usage:\n\tcheck-smb-v3.11.sh TARGET_IP_or_CIDR'
exit 1
fi
echo "Checking if there's SMB v3.11 in" $1 "..."
nmap -p445 --script smb-protocols -Pn -n $1 | grep -P '\d+\.\d+\.\d+\.\d+|^\|.\s+3.11' | tr '\n' ' ' | replace 'Nmap scan report for' '@' | tr "@" "\n" | grep 3.11 | tr '|' ' ' | tr '_' ' ' | grep -oP '\d+\.\d+\.\d+\.\d+'
@yassineaboukir
yassineaboukir / List of API endpoints & objects
Last active June 14, 2024 01:38
A list of 3203 common API endpoints and objects designed for fuzzing.
0
00
01
02
03
1
1.0
10
100
1000
@calebmadrigal
calebmadrigal / parse_trackerjacker_wifi_map.py
Created August 10, 2018 21:11
parse_trackerjacker_wifi_map.py
import sys
import yaml
def parse_wifi_map(map_path):
with open(map_path, 'r') as f:
data = f.read()
wifi_map = yaml.load(data)
devices = set()
@7MinSec
7MinSec / Password_cracking_in_the_cloud.md
Last active August 24, 2023 14:24
Password cracking in the cloud
@koenrh
koenrh / gcp-gpu-vm-hashcat.md
Last active June 14, 2024 17:37
Running Hashcat on Google Cloud's new GPU-based VMs

Running Hashcat on Google Cloud's GPU-based VMs

In February 2017, Google announced the availability GPU-based VMs. I spun up a few of these instances, and ran some benchmarks. Along the way, I wrote down the steps taken to provision these VM instances, and install relevant drivers.

Update April 2019: Updated instructions to use instances with the Tesla T4 GPUs.

@binkybear
binkybear / mubix-lock.sh
Last active November 3, 2021 22:56
mubix-lock.sh
#!/bin/bash
#
# Attack created by Mubix. For more information see:
# https://room362.com/post/2016/snagging-creds-from-locked-machines
# Modified for Nethunter by Binkybear
#
# ================== #
# Check for root
# ================== #
@lnaia
lnaia / jam.sh
Last active September 25, 2016 22:35
A fully functional general purpose WiFi Jammer, for research purposes. Use it at your own risk. Inspired by https://code.google.com/p/wifijammer/downloads/detail?name=wifijammer_0.1.sh and http://julianoliver.com/output/log_2014-05-30_20-52.
#!/bin/bash
# Targeted jammer
NIC=$1 # Your wireless NIC
BSSID=$2 # Your target BSSID
if [ "$NIC" == "" ]; then
echo "No NIC defined."
exit 1
fi
@HarmJ0y
HarmJ0y / ubuntu_veil_evasion_setup.sh
Last active May 12, 2021 08:33
This short script will install Metasploit as well as Veil-Evasion on Ubuntu
#!/bin/bash
sudo apt-get install git
cd /tmp/
git clone https://github.com/darkoperator/MSF-Installer.git
cd MSF-Installer
sudo ./msf_install.sh -i
source ~/.bashrc
sudo chmod 0666 /usr/local/share/metasploit-framework/log/production.log