View go-sharp-loader.go
package main | |
/* | |
Example Go program with multiple .NET Binaries embedded | |
This requires packr (https://github.com/gobuffalo/packr) and the utility. Install with: | |
$ go get -u github.com/gobuffalo/packr/packr | |
Place all your EXEs are in a "binaries" folder |
View docker_aliases.sh
function dockershell() { | |
docker run --rm -i -t --entrypoint=/bin/bash "$@" | |
} | |
function dockershellsh() { | |
docker run --rm -i -t --entrypoint=/bin/sh "$@" | |
} | |
function dockershellhere() { | |
dirname=${PWD##*/} |
View Dockerfile
FROM python:alpine | |
RUN pip install wsgidav cheroot | |
RUN mkdir -p /webdav/share && mkdir -p /srv/data/share | |
COPY run.sh /webdav/ | |
WORKDIR /webdav/ | |
ENTRYPOINT "/webdav/run.sh" |
View Dockerfile
FROM nginx:stable | |
RUN apt-get update && apt-get install -y openssl | |
RUN mkdir -p /etc/nginx/ssl && mkdir -p /srv/data | |
COPY default.conf /etc/nginx/conf.d/ | |
COPY start.sh / | |
ENTRYPOINT [ "/start.sh" ] |
View Dockerfile
FROM python:2.7-alpine | |
RUN apk --update --no-cache add \ | |
zlib-dev \ | |
musl-dev \ | |
libc-dev \ | |
gcc \ | |
libffi-dev \ | |
openssl-dev && \ | |
rm -rf /var/cache/apk/* | |
RUN mkdir -p /opt/impacket |
View Dockerfile
ARG CENTOSIMAGE=astj/centos5-vault | |
FROM ${CENTOSIMAGE} | |
RUN yum install -y perl curl wget gcc c++ make glibc-devel glibc-devel.i386 |
View cors_poc_test.html
<html> | |
<script src="https://code.jquery.com/jquery-3.2.1.min.js"></script> | |
<h1>CORS Test PoC</h1> | |
<label for="target_url">Endpoint to test: </label><input type="url" id="target_url" size=100 placeholder="Target URL"><br/> | |
<input type="checkbox" id="with_creds_checkbox" value="with_creds"><label for="with_creds_checkbox">With Credentials?</label><br/> | |
<input type="submit" id="submit_btn" value="Make Request"> | |
<hr> | |
<p>If the site is vulnerable to an overly permissive CORS policy, the response of the above request will appear in the box below</p> | |
<div id="test_data" style="border:1px solid darkred; color: red"> |
View find_moles.py
#!/usr/bin/env python2 | |
# load the infraction json data | |
import json | |
with open('infractions.json', 'r') as fp: | |
data = json.loads(fp.read()) | |
infractions = data['infractions'] | |
# get all the names and generate the naughty list from the CSV | |
names = [] |
View startTerminator.vbs
args = "-c" & " -l " & """DISPLAY=:0 terminator""" | |
WScript.CreateObject("Shell.Application").ShellExecute "bash", args, "", "open", 0 |
View lookupadmins.py
#!/usr/bin/env python | |
# | |
# Title: lookupadmins.py | |
# Author: @ropnop | |
# Description: Python script using Impacket to query members of the builtin Administrators group through SAMR | |
# Similar in function to Get-NetLocalGroup from Powerview | |
# Won't work against Windows 10 Anniversary Edition unless you already have local admin | |
# See: http://www.securityweek.com/microsoft-experts-launch-anti-recon-tool-windows-10-server-2016 | |
# | |
# Heavily based on original Impacket example scripts written by @agsolino and available here: https://github.com/CoreSecurity/impacket |
NewerOlder