This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
123456789:allowed | |
linkedin:allowed | |
000000:allowed | |
linked:allowed | |
1234567890:allowed | |
222222:allowed | |
555555:allowed | |
pakistan:allowed | |
chocolate:allowed | |
Linkedin:allowed |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
FROM alpine:latest as builder | |
LABEL maintainer="@singe at SensePost <research@sensepost.com>" | |
RUN apk update && apk --no-cache add \ | |
build-base \ | |
&& rm -rf /var/cache/apk/* | |
WORKDIR / | |
COPY yellow.c canary32.c canary32.h / | |
RUN gcc -o yellow yellow.c canary32.c |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
one=$1 | |
two=$2 | |
if [[ $one == "" || $two == "" ]]; then | |
echo Display commands to merge two packet captures to the same time | |
echo $0 "<cap one> <cap two> <offset>" | |
exit 1 | |
fi | |
offset=$3 | |
if [[ ! $offset > 0 ]]; then |
Remember to compile with debug.
-
Trace command
sudo dtrace -c '<command>' -o out.stacks -n 'profile-997 /execname == "<command name>"/ { @[ustack(100)] = count(); }' > /dev/null
-
Create Graph
A Windows Arabic Code Page (CP1256) hashcat charset file. Its use is described by hashcat here. The original blog post describing it can be found at NTHashes and Encodings.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Convert hashcat.pot to john.pot and merge them | |
# Usage: hc-to-john.sh <hashcat pot> <john pot> | |
# NB: Make sure the hashcat pot only contains 16 | |
# and 32 character hashes that are LM and NT hashes | |
tmp1=$(mktemp -t pot-port) | |
tmp2=$(mktemp -t pot-port) | |
hashpot=$1 | |
LC_ALL=UTF-8 sed 's/^\([a-f0-9]\{32\}:[^:]*\)$/$NT$\1/' $hashpot | grep '^\$NT\$' > $tmp1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
# A simple demo of Python requests to reverse proxy | |
# It's an intermediate between vanilla requests and Selenium | |
# It let's you interact programatically, but still run JS in | |
# the browser, without Selenium overhead | |
# | |
# This is an example of automating aspects of Facebook | |
# | |
# by @singe |
Remember to unzip the .docx first, or use scan.sh.
Compile the yara rule for scan.sh to work
yarac canarytoken.yar canarytoken
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Simple CA cert generator & leaf cert signer | |
# By dominic@sensepost.com | |
# All rights reserved 2019 | |
ca_prefix="ca" | |
leaf_prefix="host" | |
ca_validity="1825" #days | |
leaf_validity="730" #days | |
size=2048 |