@ruevaughn

ruevaughn/tools

Last active Aug 1, 2021
Tools Cheat Sheet
~ ~ Bug Bounty ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
gobuster dir -u <url> -w <path-to-wordlist> -x <extension> -k -o dirscan.txt
gobuster dir -u http://192.168.38.20 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt
gobuster dir -u https://www.domain.com -w /home/user/bounty/awesome-wordlists/wordlists/discovery/directory_only_one.small.txt --wildcard
nmap -sC -sV -p- 1.1.1.1
nmap -sV -Pn -n 1.1.1.1
nmap 192.168.1.0/24 -p 22 --open
nmap 192.168.254.13 -p 22 --script ssh-brute --script-args userdb=users.txt,passdb=passwords.txt
nmap -p 22 --script ssh-brute --script-args userdb=users.lst,passdb=pass.lst \
--script-args ssh-brute.timeout=4s <target>
~ ~ Mobile ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
" Frida
frida-ps -U
" SSL Pinning Bypass for Android
frida -U --no-pause --codeshare pcipolloni/universal-android-ssl-pinning-bypass-with-frida -f YOUR_BINARY
" Objection
https://github.com/sensepost/objection
" MobSF
mobsf.github.io
" get arch version
adb shell getprop ro.product.cpu.abi
" Call Intent / Activity
adb shell am start -n com.android.insecurebankv2/com.android.insecurebankv2.PostLogin
adb shell settings put global http_proxy localhost:8082
adb reverse tcp:3333 tcp:8082
adb push ./burp-android-cert.cer /sdcard/Download/
adb push /path/to/frida-server /data/local/tmp/
adb shell chmod 755 /data/local/tmp/frida-server
adb shell /data/local/tmp/frida-server
apktool d InsecureBankv2.apk
" recompile .apk
apktool b -f -d InsecureBankv2/
keytool -genkey -v -keystore ctf.keystore -alias ctfKeystore \
-keyalg RSA -keysize 2048 -validity 1000
~ ~ Windows ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Microsoft Safety Scanner
https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download
Farbar Recovery Scan Tool (FRST)
bleepingcomputer.com/download/farbar-recovery-scan-tool/