Skip to content

Instantly share code, notes, and snippets.

View RunInWindowsSandbox.wsb
<!-- -->
<!-- -->
<!-- -->
<!-- -->
<!-- -->
ricardojba / customqueries.json
Created Mar 15, 2021
BloodHound customqueries.json
View customqueries.json
# BloodHound customqueries.json
# Combo of:
# Copy paste to:
# Windows : %USERPROFILE%\AppData\Roaming\bloodhound\customqueries.json
# OSX: ~/Library/Application Support/bloodhound/customqueries.json
# NIX: ~/.config/bloodhound/customqueries.json
ricardojba /
Created Sep 26, 2020 — forked from byt3bl33d3r/
Crash the Windows Event Log service remotely (needs admin privs)
# Crash the Windows Event Log Service remotely, needs Admin privs
# originally discovered by limbenjamin and accidently re-discovered by @byt3bl33d3r
# Once the service crashes 3 times it will not restart for 24 hours
# Needs the impacket library (
ricardojba /
Created Aug 14, 2020 — forked from geek-at/
The script used to trash a banking phishing site
while :; do
verf=$(cat /dev/urandom | tr -dc '0-9' | fold -w 8 | head -n 1)
pin=$(cat /dev/urandom | tr -dc '0-9' | fold -w 5 | head -n 1)
ip=$(printf "%d.%d.%d.%d\n" "$((RANDOM % 256))" "$((RANDOM % 256))" "$((RANDOM % 256))" "$((RANDOM % 256))")
#!/usr/bin/env python
def xor(data,key):
return bytearray(((data[i]^key[i%len(key)]) for i in range(0,len(data))))
data = bytearray(open("my_magic_bytes.jpg.enc","rb").read())
# Known plaintext from wikipedia - XOR the enc file with it first
#key = bytearray([0xFF,0xD8,0xFF,0xE0,0x00,0x10,0x4A,0x46,0x49,0x46,0x00,0x01])
# 12 bytes key extracted from the file after the first above XOR
key = bytearray([0x46,0xcc,0xf9,0xa5,0x71,0xf0,0xff,0xb1,0x7e,0x41,0xcb,0x84])
View Fuzzing path traversal
View Wireless Penetration Testing Cheat

#Wireless Penetration Testing Cheat Sheet


  • Open the Monitor Mode
root@uceka:~# ifconfig wlan0mon down
root@uceka:~# iwconfig wlan0mon mode monitor
root@uceka:~# ifconfig wlan0mon up
View gist:ab090df0b0c294f09940213e526e728f
# original
Starting with MS-SQL 2016 MS has allowed for the inclusion of the Microsoft R Server services, permitting the execution of R scripts in the MS-SQL environment. In order for this funcitonality to be enabled, the R services for SQL server component must be installed, the server must be reconfigured to permit sp_exectue_external_script, and a user must be granted the 'EXECUTE ANY EXTERNAL SCRIPT' permission; yes, all of this is becoming increasingly more common.
Once these conditions are in place, SQL users will have R capabilities in their queries through the use of sp_execute_external_script().
This can be 'fun'..
Sample R query in MS-SQL (from MSDN):

XFCE Desktop

How to install XFCE Desktop Environment in Kali Linux:


apt-get install kali-defaults kali-root-login desktop-base xfce4 xfce4-places-plugin xfce4-goodies

How to remove XFCE in Kali Linux:


ricardojba /
Created Sep 3, 2019 — forked from mgeeky/
egrep expression to scan PHP sources for invocation of potentially dangerous functions.
if [ -n "$1" ]; then
grep -E "\spassthru\(|\sexec\(|\spnctl_exec\(|\sproc_open\(|\spopen\(|\ssystem\(|\sshell_exec\(|\sregister_shutdown_function\(|\sregister_tick_function\(|\seval\(|\sexpect_popen\(|\sapache_child_terminate\(|\slink\(|\sposix_kill\(|\sposix_mkfifo\(|\sposix_setpgid\(|\sposix_setsid\(|\sposix_setuid\(|\sproc_close\(|\sproc_get_status\(|\sproc_nice\(|\sproc_terminate\(|\sputenv\(|\stouch\(|\salter_ini\(|\shighlight_file\(|\sshow_source\(|\sini_alter\(|\sfgetcsv\(|\sfputcsv\(|\sfpassthru\(|\sini_get_all\(|\sopenlog\(|\ssyslog\(|\srename\(|\sparse_ini_file\(|\sftp_connect\(|\sftp_ssl_connect\(|\sfsockopen\(|\spfsockopen\(|\ssocket_bind\(|\ssocket_connect\(|\ssocket_listen\(|\ssocket_create_listen\(|\ssocket_accept\(|\ssocket_getpeername\(|\ssocket_send\(|\sapache_get_modules\(|\sapache_get_version\(|\sapache_getenc\(|\sapache_note\(|\sapache_setenv\(|\sapache_request_headers\(|\sdiskfreespace\(|\sdisk_free_space\(|\sget_current_user\(|\sgetmypid\(|\sgetmyuid\(|\s