Namish namishelex01

@namishelex01
namishelex01 / xss-owasp-cheatsheet
Last active October 17, 2022 21:11 — forked from sseffa/xss-owasp-cheatsheet
xss-owasp-cheatsheet
#
# https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
# based on the RSnake original http://ha.ckers.org/xss.html
# Retrieved on 2013-11-20
# Much of this is wildly obsolete
#
# XSS Locator 2
'';!--"<XSS>=&{()}
namishelex01 / NMap
Last active October 17, 2022 21:11
NMap Tips
~~~~~Port Scanning~~~~~
| Discovery scans     |                     |
| -sP - Ping          | -sW - Window Scan   |
| -sL - List/DNS Scan | -sA - ACK Scan      |
| -sO - Protocol Scan | -sR - RPC Scan      |
| -sV - Verify***     | -sI - Idle Scan     |
| -sU - UDP Scan***   | -sV - Version Scan  |
namishelex01 / Linux Abuse - I
Last active October 17, 2022 21:11
Linux Commands Hacks
Enumeration is the key.
(Linux) privilege escalation is all about:
Collect - Enumeration, more enumeration and some more enumeration.
Process - Sort through the data, analyse it and prioritise.
Search - Know what to search for and where to find the exploit code.
Adapt - Customize the exploit so it fits. Not every exploit works for every system "out of the box".
Try - Get ready for (lots of) trial and error.
Operating System
What's the distribution type? What version?
Introduction
> Distributed DB used by TCP/IP applications to map between hostnames and IP addresses and to provide email routing information
> Why DNS? An application must convert a hostname to an IP address before it can ask TCP/UDP to open a connection or send a datagram
> Access to DNS is through a "resolver"; it is part of the application, not the OS
> UNIX hosts have two library functions
- gethostname(3) : Hostname -> IP addr
Wmic syntax - [global switches] <command>
The following global switches are available:
--------------------------------------------------------------------------
/NAMESPACE NAMESPACE - Path for the namespace the alias is to operate against. Namespaces are always relative i.e. if the namespace does not begin with a '\\' it will be assumed to be relative to the current namespace.
USAGE:
/NAMESPACE:<namespace>
--------------------------------------------------------------------------
namishelex01 / cissp_notes.md
Created July 3, 2018 12:52 — forked from penafieljlm/cissp_notes.md
Personal CISSP Study Notes

CISSP Notes

CIA Triad

  • Confidentiality
    • Resources should be protected from unauthorized access
    • Prioritized by governments
    • Concepts
      • Sensitivity
        • How harmful is disclosure
  • Discretion
namishelex01 / Deep-Diving-Bluetooth
Last active August 1, 2018 13:07
Learning about Bluetooth architecture and Protocols
Bluetooth technology
> bluetooth basic rate/enhanced data rate
>> High speed
> Low energy
> Attribute protocol/ generic attribute profile
------------
V2.1 - 2007 + EDR | secure device pairing by button press
V3.0 - 2009 + HS | MAC/PHY
V4.0 - 2010 + LE
namishelex01 / Shellcode-Introduction
Last active August 17, 2018 07:24
Short wiki of Shellcode
[This is the gist version of the wiki page of Shellcode.]
[For an elaborated explanation, please visit:- en.wikipedia.org/wiki/Shellcode]
SHELLCODE is a small piece of code used as the payload in the exploitation of a software vulnerability
It's called shellcode because it typically starts a command shell from which the attacker can control the compromised machine
TYPES:
Local - Used by an attacker who has limited access to a machine but can exploit a vulnerability
Remote - Used to target a remote machine. If the shellcode establishes the connection, it is called a reverse shell or connect-back shell.
If the attacker establishes the connection, the shellcode is called a bindshell because it binds to a certain port on the victim's machine
Download & execute - A type of remote shellcode that downloads and executes some form of malware on the target system
Staged - When the amount of data that an attacker can inject into the target process is too limited to execute useful shellcode directly, it may be possible to execute it in stages
[Learning Exploit Development from fuzzysecurity.com]
Tools Needed:-
> Immunity debugger
> Mona.py
> Pvefindaddr.py
> Metasploit
> Virtual Box
Overflows to play with:-
1. Buffer overflow - A memory location receives more data than it was meant to
namishelex01 / Mona Py Cheat sheet
Last active December 12, 2023 15:10
This is a gist compilation of the ***Corelan.be*** manual for mona.py
Main Project Page -> github.com/corelan/mona
Download the file and save it to this typical location ->
C:\Program Files\Immunity Inc\Immunity Debugger\PyCommands
BASIC USAGE :
!mona in the input box and press enter
For more information = Open log window (ALT-L)
For Help options ->