Nikita Medvedev nikallass

View github-recon
“Hackme.tld” API_key
“Hackme.tld” secret_key
“Hackme.tld” aws_key
“Hackme.tld” Password 
“Hackme.tld” FTP
“Hackme.tld” login
“Hackme.tld” github_token
“Hackme.tld” http:// & https://  
“Hackme.tld” amazonaws
“Hackme.tld” digitaloceanspaces
nikallass / subdomain.rb
Last active Oct 13, 2019 — forked from ehsahil/subdomain.rb
Subdomain OSINT script, running several best tools.
#Tools based on a resolver.rb by @melvinsh
#Repository: https://github.com/melvinsh/subresolve
#Modified by @ehsahil for Personal Use.
#Modified by @nikallass for Personal Use.
require 'socket'
require 'colorize'
begin
if ARGV[0] == nil
nikallass / meterpreter.sl
Created May 10, 2018
Fix armitage scan crash
in armitage/armitage.jar
in /scripts/meterpreter.sl
replace line 381:
from: if ($text ismatch '... (.*?):(\d+) - TCP OPEN') {
to: if ($text ismatch '... (.*?): +- \1:(\d+) - TCP OPEN') {
nikallass / toggle_terminator.sh
Last active Oct 21, 2019
Toggle terminator. Kali
#!/bin/bash
# hotkey for preferences /root/toggle_terminator.sh terminator
# on first start run script manually to install dependencies
#
# This script does this:
# launch an app if it isn't launched yet,
# focus the app if it is launched but not focused,
# minimize the app if it is focused.
#
# by desgua - 2012/04/29
nikallass / rbcd_demo.ps1
Created Jan 21, 2020 — forked from HarmJ0y/rbcd_demo.ps1
Resource-based constrained delegation computer DACL takeover demo
# import the necessary toolsets
Import-Module .\powermad.ps1
Import-Module .\powerview.ps1
# we are TESTLAB\attacker, who has GenericWrite rights over the primary$ computer account
whoami
# the target computer object we're taking over
$TargetComputer = "primary.testlab.local"
nikallass / Kali 2017.1 x64, Docker-ce Install script
Last active Feb 21, 2020
Kali 2017.1 x64, Docker-ce Install script
#!/bin/bash
# update apt-get
export DEBIAN_FRONTEND="noninteractive"
sudo apt-get update
# remove previously installed Docker
sudo apt-get remove docker docker-engine docker.io* lxc-docker*
# install dependencies 4 cert
nikallass / check-smb-v3.11.sh
Created Mar 11, 2020
CVE-2020-0796. Scan HOST/CIDR with nmap script smb-protocols.nse and grep SMB version 3.11.
#!/bin/bash
if [ $# -eq 0 ]
then
echo $'Usage:\n\tcheck-smb-v3.11.sh TARGET_IP_or_CIDR'
exit 1
fi
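# quote the target so it is passed to nmap as a single argument
echo "Checking if there's SMB v3.11 in $1 ..."
# match the dialect literally ("3.11"), not "3" + any character + "11"
nmap -p445 --script smb-protocols -Pn -n "$1" | grep -P '\d+\.\d+\.\d+\.\d+|^\|.\s+3\.11' | tr '\n' ' ' | replace 'Nmap scan report for' '@' | tr "@" "\n" | grep -F 3.11 | tr '|' ' ' | tr '_' ' ' | grep -oP '\d+\.\d+\.\d+\.\d+'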
nikallass / ptrarc.sh
Last active Apr 30, 2021
Search PTRarchive for subdomains and IPs
#!/bin/bash
if [ "$1" == "-h" ] || [ "$1" == "--help" ] || [[ $# -eq 0 ]]
then
me=`basename "$0"`
echo "Find subdomains in PTR-archive http://ptrarchive.com/tools/search.htm?date=ALL&label=example.com"
echo -e "Usage:\n\t./${me} [domain]"
echo -e "Example:\n\t./${me} example.com"
echo -e "\t./${me} -v example.com # Verbose output, includes IPs."
exit 1
View portinfo.sh
#!/bin/bash
if [ "$1" == "-h" ] || [ "$1" == "--help" ]
then
me=`basename "$0"`
echo "Find information about TCP/IP ports."
echo -e "Usage:\n\t./${me} [port|service]"
echo -e "Example:\n\t./${me} snmp\n\t./${me} 3389"
exit 1
fi
nikallass / crt.sh
Last active Oct 14, 2021
Certificate Transparency OSINT tool. It uses https://crt.sh/ to query domain name.
#!/bin/bash
if [ "$1" == "-h" ] || [ "$1" == "--help" ] || [[ $# -eq 0 ]]
then
me=`basename "$0"`
echo "Find subdomains in certificate transparency log."
echo -e "Usage:\n\t./${me} [domain]"
echo -e "Example:\n\t./${me} example.com"
exit 1
fi