Skip to content

Instantly share code, notes, and snippets.

[hip, hip]

Leon Jacobs leonjza

[hip, hip]
View GitHub Profile
leonjza / patch.diff
Created Sep 30, 2022
tun2socks debug patch
View patch.diff
diff --git a/docker/ b/docker/
index 78571d9..765b13f 100644
--- a/docker/
+++ b/docker/
@@ -1,55 +1,28 @@
+# Modified version of
leonjza /
Created Aug 24, 2022 — forked from joswr1ght/
Read a file of network + CIDR masks, one per line; count the number of IP addresses it represents
#!/usr/bin/env python3
# original:
import sys
def countips(netblock):
v = netblock.split('/')
# nothing?
leonjza /
Last active Aug 5, 2022
Forward a remote iOS device, locally.

Forwards a remote iOS device, exposed via usbmuxd on Linux to a local macOS client.
The inverse (aka ssh -R) is left as an excercise to the reader, but shouldn't be too hard :)

This is basically a simple usbfluxd that only depends on socat.


Copy the bash script to a local file, say and make it executable with chmod +x

leonjza /
Created May 28, 2022
macOS enable vnc remotely via ssh
# simple script to enable remote management via an ssh
set -e
if [ "$EUID" -ne 0 ]
then echo "please run as root (eg: sudo $0)"
leonjza /
Last active Jul 18, 2022
Docker in an hour Workshop



Welcome to docker-in-an-hour! This is a "JIT" for docker, with many explanations being just enough to defend yourself. It is highly recommended that you go and at least Google some of the stuff here after doing the workshop. Read the official docs with real explanations.


leonjza / picker.patch
Created Jan 30, 2022
objection boot target picker poc
View picker.patch
diff --git a/objection/console/ b/objection/console/
index f9738d1..4814eff 100644
--- a/objection/console/
+++ b/objection/console/
@@ -3,6 +3,8 @@ import time
from pathlib import Path
import click
+from prompt_toolkit import prompt
+from prompt_toolkit.completion import FuzzyCompleter, WordCompleter
leonjza / clone-and-write.ps1
Created Oct 29, 2021
Cobalt Strike Clone Executable Signature for code-signer Malleable Profile block
View clone-and-write.ps1
# clone the certificate for SysInternals TCPView.exe and save
# it as cert.pfx
$o = Get-PfxCertificate -FilePath .\tcpview.exe
$cl = New-SelfSignedCertificate -CloneCert $o
$p = ConvertTo-SecureString -String "password" -Force -AsPlainText
Export-PfxCertificate -FilePath cert.pfx -Cert $cl -Password $p
leonjza /
Created Sep 23, 2021
SenseCon '21 Announce Challenge

Hello world!

This was the internal @sensepost SenseCon 2021 announcement email (stripped), together with the supporting challenge.

Have phun!

leonjza /
Last active Oct 12, 2022
A PHP eval() reverse shell.

php eval shell

A reverse shell that lets you evaluate PHP.
This is not an OS command reverse shell per-se but you could eval a function like system("id") for that if you wanted to.

Useful to poison an existing PHP file and explore the currently loaded environment.


leonjza /
Last active Dec 5, 2020
Traefik docker-compose with Trauth, Wildcard Certs & Metrics

traefik service docker-compose example

Traefik docker-compose with Trauth, Wildcard Certs & Metrics