Skip to content

Instantly share code, notes, and snippets.

View namishelex01's full-sized avatar
🎯
Focusing

Namish namishelex01

🎯
Focusing
27 followers · 179 following
View GitHub Profile
@meldridge
meldridge / how-to-oscp-final.md
Last active April 12, 2024 02:06 — forked from unfo/how-to-oscp-final.md
How to pass the OSCP
@haxxinen
haxxinen / win_run_process_as.md
Created February 10, 2020 21:08
Run Windows process as another user.

1. Prerequisites

1.1. Account must be enabled (net user Administrator /active:yes)
>net user Administrator | findstr "active"
Account active               Yes
1.2. Info about domain and local host name
@penafieljlm
penafieljlm / cissp_notes.md
Last active April 9, 2024 12:50
Personal CISSP Study Notes

CISSP Notes

CIA Triad

  • Confidentiality
    • Resources should be protected from unauthorized access
    • Prioritized by governments
    • Concepts
      • Sensitivity
        • How harmful is disclosure
  • Discretion
@HarmJ0y
HarmJ0y / PowerView-2.0-tricks.ps1
Last active April 8, 2024 03:40
PowerView-2.0 tips and tricks
# NOTE: the most updated version of PowerView (http://www.harmj0y.net/blog/powershell/make-powerview-great-again/)
# has an updated tricks Gist at https://gist.github.com/HarmJ0y/184f9822b195c52dd50c379ed3117993
# get all the groups a user is effectively a member of, 'recursing up'
Get-NetGroup -UserName <USER>
# get all the effective members of a group, 'recursing down'
Get-NetGroupMember -GoupName <GROUP> -Recurse
# get the effective set of users who can administer a server
@unfo
unfo / how-to-oscp-final.md
Last active February 26, 2024 08:39

How to pass the OSCP

  1. Recon
  2. Find vuln
  3. Exploit
  4. Document it

Recon

Unicornscans in cli, nmap in msfconsole to help store loot in database.

@sseffa
sseffa / xss-owasp-cheatsheet
Created April 18, 2014 08:16
xss-owasp-cheatsheet
#
# https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
# based on the RSnake original http://ha.ckers.org/xss.html
# Retrieved on 2013-11-20
# Much of this wildly obsolete
#
# XSS Locator 2
'';!--"<XSS>=&{()}
@mgeeky
mgeeky / Various-Macro-Based-RCEs.md
Last active January 14, 2024 16:43
Various Visual Basic Macros-based Remote Code Execution techniques to get your meterpreter invoked on the infected machine.

This is a note for myself describing various Visual Basic macros construction strategies that could be used for remote code execution via malicious Document vector. Nothing new or fancy here, just a list of techniques, tools and scripts collected in one place for a quick glimpse of an eye before setting a payload.

All of the below examples had been generated for using as a remote address: 192.168.56.101.

List:

  1. Page substiution macro for luring user to click Enable Content
  2. The Unicorn Powershell based payload
@Neo23x0
Neo23x0 / audit.rules
Last active January 13, 2024 14:12
Linux Auditd Best Practice Configuration
# IMPORTANT!
# This gist has been transformed into a github repo
# You can find the most recent version there:
# https://github.com/Neo23x0/auditd
# ___ ___ __ __
# / | __ ______/ (_) /_____/ /
# / /| |/ / / / __ / / __/ __ /
# / ___ / /_/ / /_/ / / /_/ /_/ /
# /_/ |_\__,_/\__,_/_/\__/\__,_/
@kkirsche
kkirsche / how-to-oscp-final.md
Created December 18, 2017 16:16 — forked from meldridge/how-to-oscp-final.md

How to pass the OSCP

  1. Recon
  2. Find vuln
  3. Exploit
  4. Escalate
  5. Document it

Time yourself

@namishelex01
namishelex01 / xss-owasp-cheatsheet
Last active October 17, 2022 21:11 — forked from sseffa/xss-owasp-cheatsheet
xss-owasp-cheatsheet
#
# https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
# based on the RSnake original http://ha.ckers.org/xss.html
# Retrieved on 2013-11-20
# Much of this wildly obsolete
#
# XSS Locator 2
'';!--"<XSS>=&{()}