Skip to content

Instantly share code, notes, and snippets.

View swtornio's full-sized avatar

Steve Tornio swtornio

38 followers · 55 following
View GitHub Profile
@swtornio
swtornio / .vimrc
Created February 17, 2023 14:37
syntax on
filetype indent on
set number
set shiftwidth=4
set expandtab
set nowrap
@swtornio
swtornio / 2serv.py
Created February 15, 2023 19:29 — forked from phrawzty/2serv.py
simple python http server to dump request headers
#!/usr/bin/env python2
import SimpleHTTPServer
import SocketServer
import logging
PORT = 8000
class GetHandler(SimpleHTTPServer.SimpleHTTPRequestHandler):
@swtornio
swtornio / gist:ab5940a309e9b105457813c8e4c5140c
Created December 9, 2022 20:59
proxy categorization URLS
Baracuda - http://www.barracudacentral.org/report/website-category/www.example.org
Bluecoat - https://sitereview.bluecoat.com/sitereview.jsp
Bright Cloud - https://www.brightcloud.com/tools/url-ip-lookup.php
CheckPoint- https://www.checkpoint.com/urlcat/
Cisco - Scansafe - https://securityhub.cisco.com/web/submited_urls
@swtornio
swtornio / gist:fa9e6984a4619344db6e986527512ee7
Created December 8, 2022 22:09 — forked from jaredsburrows/gist:9e121d2e5f1147ab12a696cf548b90b0
full English translation of Phineas Fisher's account of how he took down HackingTeam - https://www.reddit.com/r/netsec/comments/4f3e6p/full_english_translation_of_phineas_fishers/
_ _ _ ____ _ _
| | | | __ _ ___| | __ | __ ) __ _ ___| | _| |
| |_| |/ _` |/ __| |/ / | _ \ / _` |/ __| |/ / |
| _ | (_| | (__| < | |_) | (_| | (__| <|_|
|_| |_|\__,_|\___|_|\_\ |____/ \__,_|\___|_|\_(_)
A DIY Guide
@swtornio
swtornio / ms-msdt.MD
Created May 31, 2022 12:04 — forked from tothi/ms-msdt.MD
The MS-MSDT 0-day Office RCE Proof-of-Concept Payload Building Process

MS-MSDT 0-day Office RCE

MS Office docx files may contain external OLE Object references as HTML files. There is an HTML sceme "ms-msdt:" which invokes the msdt diagnostic tool, what is capable of executing arbitrary code (specified in parameters).

The result is a terrifying attack vector for getting RCE through opening malicious docx files (without using macros).

Here are the steps to build a Proof-of-Concept docx:

  1. Open Word (used up-to-date 2019 Pro, 16.0.10386.20017), create a dummy document, insert an (OLE) object (as a Bitmap Image), save it in docx.
@swtornio
swtornio / boilerplate.py
Created May 13, 2022 11:47 — forked from notareverser/boilerplate.py
Boilerplate Python script
#!/usr/bin/env python3
import argparse
import sys
import json
import logging
@swtornio
swtornio / nmap-http-url.py
Created April 28, 2022 23:29 — forked from tothi/nmap-http-url.py
Generate HTTP URLs from Nmap XML (and optionally use VirtualHosts)
#!/usr/bin/env python3
#
# inputs: nmap.xml (nmap scan xml output), subdomains.csv (optional virtualhost info, hostname + ip address csv file)
# output: url listing (useful for tools like EyeWitness)
#
# sample usage: ./nmap-http-url.py nmap.xml subdomains.csv | sort -u | gowitness file -f -
#
description = '''
Generate HTTP URLs from Nmap XML (and optionally additional VirtualHost listing, taken from e.g. subdomain enumeration).
@swtornio
swtornio / gist:f0fca7a5ca1e00fd36f607d905426bd9
Created January 16, 2022 16:44
Delete Xbox Apps from win10
PS C:\WINDOWS\system32> Get-AppxPackage -allusers XboxApp | Remove-AppxPackage
PS C:\WINDOWS\system32> Get-AppxPackage -allusers Microsoft.XboxGamingOverlay | Remove-AppxPackage
PS C:\WINDOWS\system32> Get-AppxPackage -allusers XboxApp | Remove-AppxPackage
@swtornio
swtornio / gist:2d8d7e2163aee81d921d10cf689bd291
Created August 10, 2019 14:44
notes
Uninstall a python app that used setup.py
> python setup.py install --record files.txt
> cat files.txt | xargs rm -rf
@swtornio
swtornio / tmux.conf
Last active August 6, 2022 03:09
tmux config
#############################################
## DEFAULT GENERAL SETTINGS (tmux show -g) ##
#############################################
set-option -g activity-action other
set-option -g assume-paste-time 1
set-option -g base-index 0
set-option -g bell-action any
set-option -g default-command ""
set-option -g default-shell "/bin/bash"