Robbie random-robbie

## 365doms.py
#!/usr/bin/env python3

"""
Python script to enumerate valid Microsoft 365 domains, retrieve tenant name, and check for an MDI instance.
Based on: https://github.com/thalpius/Microsoft-Defender-for-Identity-Check-Instance.
Usage: ./check_mdi.py -d <domain>
"""

import argparse
import dns.resolver

## run.js
/*
  Developer: Marzavec ( https://github.com/marzavec )
  Description: A simple browser-based subdomain bruteforcing script, using DoH providers. Developed as a 5 minute hack, just to see it's preformance. Many improvements could be made, such as adding error handling or informing the user when the script is done.
  Usage: Open the browsers dev console (usually F12), paste this script, change the `rootTld`, press enter to run. Ezpz.
*/

const rootTld = 'lyka.pro'; // change to your target's root tld

// url to newline seperated wordlist
const wordlistUrl = 'https://raw.githubusercontent.com/rbsec/dnscan/master/subdomains.txt';

## gcp_enum.sh
# gcloud auth activate-service-account --key-file=85.json
# gcloud projects list

project="my-project"
space=""

echo "gcloud auth list"
gcloud auth list
echo -e "$space"

## README.md

      
              9 files
            
          
              6 forks
            
          
              0 comments
            
          
              18 stars
            
          
                JayHoltslander
                / README.md
            
            
              Created
              September 25, 2015 21:04
                — forked from magnetikonline/README.md
            
              
                IE 7/8/9/10/11 Virtual machines from Microsoft - Linux w/VirtualBox installation notes.
              
          
    IE 7/8/9/10/11 Virtual machines from Microsoft

Linux installation notes (tested under Ubuntu 14.04LTS/12.04LTS), assuming VirtualBox is already installed on host.

Install notes
Available images

IE7 - Vista Enterprise
IE8 - XP
IE9 - Win7
IE10 - Win7
IE10 - Win8


## cloud_metadata.txt
## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories

http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key

## bucket-disclose.sh
#!/bin/bash

# Written by Frans Rosén (twitter.com/fransrosen)
_debug="$2" #turn on debug
_timeout="20"
#you need a valid key, since the errors happens after it validates that the key exist. we do not need the secret key, only access key
_aws_key="AKIA..."
H_ACCEPT="accept-language: en-US,en;q=0.9,sv;q=0.8,zh-TW;q=0.7,zh;q=0.6,fi;q=0.5,it;q=0.4,de;q=0.3"
H_AGENT="user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36"
	#!/usr/bin/env python3

	"""
	Python script to enumerate valid Microsoft 365 domains, retrieve tenant name, and check for an MDI instance.
	Based on: https://github.com/thalpius/Microsoft-Defender-for-Identity-Check-Instance.
	Usage: ./check_mdi.py -d <domain>
	"""

	import argparse
	import dns.resolver
	/*
	Developer: Marzavec ( https://github.com/marzavec )
	Description: A simple browser-based subdomain bruteforcing script, using DoH providers. Developed as a 5 minute hack, just to see it's preformance. Many improvements could be made, such as adding error handling or informing the user when the script is done.
	Usage: Open the browsers dev console (usually F12), paste this script, change the `rootTld`, press enter to run. Ezpz.
	*/

	const rootTld = 'lyka.pro'; // change to your target's root tld

	// url to newline seperated wordlist
	const wordlistUrl = 'https://raw.githubusercontent.com/rbsec/dnscan/master/subdomains.txt';
	# gcloud auth activate-service-account --key-file=85.json
	# gcloud projects list

	project="my-project"
	space=""

	echo "gcloud auth list"
	gcloud auth list
	echo -e "$space"
	## AWS
	# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories

	http://169.254.169.254/latest/user-data
	http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
	http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
	http://169.254.169.254/latest/meta-data/ami-id
	http://169.254.169.254/latest/meta-data/reservation-id
	http://169.254.169.254/latest/meta-data/hostname
	http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
	#!/bin/bash

	# Written by Frans Rosén (twitter.com/fransrosen)
	_debug="$2" #turn on debug
	_timeout="20"
	#you need a valid key, since the errors happens after it validates that the key exist. we do not need the secret key, only access key
	_aws_key="AKIA..."
	H_ACCEPT="accept-language: en-US,en;q=0.9,sv;q=0.8,zh-TW;q=0.7,zh;q=0.6,fi;q=0.5,it;q=0.4,de;q=0.3"
	H_AGENT="user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36"