Skip to content

Instantly share code, notes, and snippets.

View r3k2's full-sized avatar
🏠
on SourceHut sr.ht I do not push to github

CF_ReK2 r3k2

🏠
on SourceHut sr.ht I do not push to github
94 followers · 66 following
  • CyberSecurity, Hacker, Pentester, DevSecOps
  • Barcelona, Madrid , San Francisco, Boston CyberSpace
View GitHub Profile
@ernierasta
ernierasta / sway-record
Last active August 18, 2022 19:36
Swaywm screen and audio recording
#!/bin/bash
# Sway WM screen + audio recorder
# original author: Aaron D. Fields
# blog post: https://blog.spirotot.com/2017/08/21/a-dirty-hack-to-enable-acceptable-sway-wm-screen-recording/
# currently error 503 :-(
#
# Updated version: ernierasta
# Repo: https://gist.github.com/ernierasta
#
# Changelog:
@rgpublic
rgpublic / gist:8457d98b0fcc0c54893b9907f9b8b825
Created July 24, 2018 10:17
Synapse deactive user
#!/bin/bash
echo -e "\e[97mPlease enter password for Synapse/Matrix root user:\e[0m";
read -s password
echo -e "\e[97mEnter user you'd like to deactivate\e[0m";
read user
url_user=`echo -n "$user" | jq -s -R -r @uri`
json=`curl -s --insecure -XPOST -d '{"type":"m.login.password", "user":"root", "password":"'$password'"}' "https://localhost:8448/_matrix/client/r0/login"`
access_token=`echo "$json" | jq -r ".access_token"`
@chmike
chmike / checkDomain.go
Last active December 1, 2023 19:21
Check domain name validity in Go
// Please use the package https://github.com/chmike/domain as is it maintained up to date with tests.
// checkDomain returns an error if the domain name is not valid.
// See https://tools.ietf.org/html/rfc1034#section-3.5 and
// https://tools.ietf.org/html/rfc1123#section-2.
func checkDomain(name string) error {
switch {
case len(name) == 0:
return nil // an empty domain name will result in a cookie without a domain restriction
case len(name) > 255:
@xassiz
xassiz / mandros.py
Created March 16, 2018 07:53
Reverse MSSQL shell
import sys
import requests
import threading
import HTMLParser
from BaseHTTPServer import HTTPServer, BaseHTTPRequestHandler
'''
Description: Reverse MSSQL shell through xp_cmdshell + certutil for exfiltration
Author: @xassiz
'''
@r3k2
r3k2 / gist:1f6f4afc2de1006de4e56e6e9a7d4b20
Created March 2, 2018 17:26 — forked from joernchen/gist:3623896
XXE to RCE
This turns https://www.sec-consult.com/files/20120626-0_zend_framework_xxe_injection.txt
into a Remote Command Execution:
NOTE: It relies on the PHP expect module being loaded
(see http://de.php.net/manual/en/book.expect.php)
joern@vbox-1:/tmp$ cat /var/www/server.php
<?
require_once("/usr/share/php/libzend-framework-php/Zend/Loader/Autoloader.php");
Zend_Loader_Autoloader::getInstance();
@chrisdoman
chrisdoman / OTX Example API Calls
Created November 29, 2017 19:18
= Examples of how OTX API calls relate different indicator types =
Official documentation is available at https://otx.alienvault.com/api but may be missing a couple of the newer calls
These are some unofficial notes
The API key below is for a dummy demo account. It should work but I would suggest using your own.
Some of the JSON responses are quite nested, and editor such as http://jsoneditoronline.org/ may be useful
== Input: Hostname / Domain ==
The following calls can be made for both domains and hostname, ie you can swap 'hostname' with 'domain' below.
@r3k2
r3k2 / StegBrute.rb
Last active November 22, 2017 11:21
Brute force steganography passwords
#!/bin/env ruby
# Hispgatos
# by ReK2, Fernandez Chris
# https://keybase.io/cfernandez
# Bruteforce password protected documents hidden inside images
# add you dictionary below to the dic variable
# of course you need to have installed steghide
require 'open3'
@Plazmaz
Plazmaz / netcat-webserver.sh
Last active May 7, 2021 02:08
A one-liner for a netcat webserver w/ sane logging
#! /bin/bash
sudo bash -c 'while true; do echo "HTTP/1.1 200 OK\n\n" |nc -l -p 80 |egrep -v "Accept" |egrep -v "Content-Length" |egrep -v "Host" |egrep -vi "cache"; done'
# Original (no sudo):
# while true; do echo "HTTP/1.1 200 OK\n\n" |nc -l -p 80 |egrep -v "Accept" |egrep -v "Content-Length" |egrep -v "Host" |egrep -vi "cache"; done
# Raw (Skip filtering header lines):
# sudo bash -c 'while true; do echo "HTTP/1.1 200 OK\n\n" |nc -l -p 80; done'
@HardenedArray
HardenedArray / Efficient Encrypted UEFI-Booting Arch Installation
Last active October 22, 2023 12:14
An effcient method to install Arch Linux with encrypted root and swap filesystems and boot from UEFI. Multi-OS, and VirtualBox, UEFI-booting are also supported.
# OBJECTIVE: Install Arch Linux with encrypted root and swap filesystems and boot from UEFI.
# Note this encrypted installation method, while perfectly correct and highly secure, CANNOT support encrypted /boot and
# also CANNOT be subsequently converted to support an encrypted /boot!!! A CLEAN INSTALL will be required!
# Therefore, if you want to have an encrypted /boot or will want an encrypted /boot system at some point in the future,
# please ONLY follow my encrypted /boot installation guide, which lives here:
@darnir
darnir / NeoMutt colorschemes
Last active November 2, 2021 08:54
# for background in 16 color terminal, valid background colors include:
# base03, bg, black, any of the non brights
# style notes:
# when bg=235, that's a highlighted message
# normal bg=233
# basic colors ---------------------------------------------------------
# color normal brightyellow default
color error color196 color235 # message line error text