
View index.html
<html>
<head></head>
<body id="drop_zone" ondragenter="dragEnterHandler(event);">
<div>
<p>Drag one or more files to this Drop Zone ...</p>
</div>
</body>
View mq_clients.go
package main
import (
"context"
"flag"
"log"
"os"
"os/exec"
"regexp"
"strings"
View convert.py
#!/usr/bin/python
# Invoke-Kerberoast output hash extractor.
#
# For when you have:
# TicketByteHexStream :
# Hash : $krb5tgs$23$*sqlSvc$Adomain.com$MSSQLSvc/sqlserver.Adomain.com:1433*$C13BFD40143C0E
# ....
# SamAccountName : sqlSvc
# DistinguishedName : CN=sqlSvc,OU=ServiceAccounts,DC=Adomain,DC=com
View README.md

☄️ go-out

This code now lives at: https://github.com/sensepost/go-out

A simple, dependency free, Golang egress buster using @mubix letmeoutofyour.net and @bhinfosecurity allports.exposed services.

install

Save the main.go file and either go run main.go or build it with go build -o go-out main.go, moving the resultant binary to your place of choice.

cross compiling

View crypt.php
<?php
/*
* Quick 'n Dirty Laravel ~5.6 decrypter.
* @leonjza
*
* Typically, if you see a key with the format base64:key_string then
* you know you need this decrypter.
*
* For Laravel ~5.1, use: https://gist.github.com/leonjza/ce27aa7435f8d131d93f
View install.sh
# https://docs.docker.com/engine/installation/linux/docker-ce/debian/
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
echo "deb https://download.docker.com/linux/debian stretch stable" >> /etc/apt/sources.list
# refresh the package index so the newly added Docker repository is picked up
apt update
apt install docker-ce
# test that this thing is on
docker run hello-world
View README.md

socat with sslv2 and sslv3 support

This script downloads and builds OpenSSL v1.0.2m and socat v1.7.3.2 in /usr/local/src. Once complete, a symlink at /usr/local/bin/socat-ssl23 is created so that you can run it with socat-ssl23.

install

Tested on Kali Linux:

curl -fsSL https://git.io/vFBDA | bash
View README.md

goness

A golang Nessus XML parser for use in your shell pipeline

examples

Just searching for "MS15":

$ goness -f exported_download.nessus | grep "MS15"
MS15-034: Vulnerability in HTTP.sys Could Allow Remote Code Execution (3042553) (uncredentialed check)|www|10.1.1.1:80
View escalate.py
#!/usr/bin/env python2
# Laravel Valet v1.1.4 - 2.0.3 Local Privilege Escalation (macOS)
# February 2017 - @leonjza
# Affected versions: At least since ~v1.1.4 to v2.0.3. Yikes.
# Reintroduced in v2.0.7 via the 'trust' command again.
# This bug got introduced when the sudoers files got added around
# commit b22c60dacab55ffe2dc4585bc88cd58623ec1f40 [1].