Skip to content

Instantly share code, notes, and snippets.

View lex1010's full-sized avatar

0xff lex1010

11 followers · 40 following
View GitHub Profile
@albinowax
albinowax / race-condition-probe.java
Last active October 5, 2025 14:47
Race condition custom action for Burp Repeater
// This will use the single-packet attack for HTTP/2, and last-byte synchronisation for HTTP/1
int NUMBER_OF_REQUESTS = 10;
var reqs = new ArrayList<HttpRequest>();
for (int i = 0; i < NUMBER_OF_REQUESTS; i++) {
reqs.add(requestResponse.request());
}
var responses = api().http().sendRequests(reqs);
var codes = responses.stream().map(HttpRequestResponse::response).filter(Objects::nonNull).map(HttpResponse::statusCode).toList();
logging().logToOutput(codes);
@SwitHak
SwitHak / 20211210-TLP-WHITE_LOG4J.md
Last active October 14, 2025 08:35
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

  • If you want to add a link, comment or send it to me
  • Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

  • Royce Williams list sorted by vendors responses Royce List
  • Very detailed list NCSC-NL
  • The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List
@anvbis
anvbis / pwntools-cheatsheet.md
Last active November 8, 2025 21:12
pwntools-cheatsheet.md
@testanull
testanull / PoC_CVE-2021-28482.py
Created May 2, 2021 11:10
PoC of CVE-2021-28482
import requests
import time
import sys
from base64 import b64encode
from requests_ntlm2 import HttpNtlmAuth
from urllib3.exceptions import InsecureRequestWarning
from urllib import quote_plus
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)
@richlander
richlander / examples.md
Last active November 14, 2023 22:04
.NET 5.0 Examples
@xpn
xpn / azuread_decrypt_msol_v2.ps1
Last active July 30, 2025 13:07
Updated method of dumping the MSOL service account (which allows a DCSync) used by Azure AD Connect Sync
Write-Host "AD Connect Sync Credential Extract v2 (@_xpn_)"
Write-Host "`t[ Updated to support new cryptokey storage method ]`n"
$client = new-object System.Data.SqlClient.SqlConnection -ArgumentList "Data Source=(localdb)\.\ADSync2019;Initial Catalog=ADSync"
try {
$client.Open()
} catch {
Write-Host "[!] Could not connect to localdb..."
return
@yassineaboukir
yassineaboukir / List of API endpoints & objects
Last active September 24, 2025 15:54
A list of 3203 common API endpoints and objects designed for fuzzing.
0
00
01
02
03
1
1.0
10
100
1000
@phith0n
phith0n / fpm.py
Last active August 18, 2025 08:04
Fastcgi PHP-FPM Client && Code Execution
import socket
import random
import argparse
import sys
from io import BytesIO
# Referrer: https://github.com/wuyunfeng/Python-FastCGI-Client
PY2 = True if sys.version_info.major == 2 else False
@meziantou
meziantou / CredentialManager.cs
Last active January 5, 2025 03:16
Using the Windows Credential API (CredRead, CredWrite, CredDelete, CredEnumerate).
// The most up to date version is available
// on GitHub: https://github.com/meziantou/Meziantou.Framework/tree/master/src/Meziantou.Framework.Win32.CredentialManager
// NuGet package: https://www.nuget.org/packages/Meziantou.Framework.Win32.CredentialManager/
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Runtime.InteropServices;
using System.Text;
using Microsoft.Win32.SafeHandles;