xaeroborg xaeroborg
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| subfinder -d target.com -all -silent -t 10 | naabu -p "21,22,80,81,280,300,443,583,591,593,832,981,1010,1099,1311,2082,2087,2095,2096,2480,3000,3128,3333,4243,4444,4445,4567,4711,4712,4993,5000,5104,5108,5280,5281,5601,5800,6543,7000,7001,7002,7396,7474,8000,8001,8008,8009,8014,8042,8060,8069,8080,8081,8083,8088,8090,8091,8095,8118,8123,8172,8181,8222,8243,8280,8281,8333,8337,8443,8500,8530,8531,8834,8880,8887,8888,8983,9000,9001,9043,9060,9080,9090,9091,9092,9200,9443,9502,9800,9981,10000,10250,10443,11371,12043,12046,12443,15672,16080,17778,18091,18092,20720,28017,32000,55440,55672" -silent -nc | httprobe -prefer-https | xargs -P 10 -I @ bash -c "echo @ | gau" 2> /dev/null | grep -E "password|password\-reset|reset\-token|token\=" | anew -q urls.txt | |
| xargs -a urls.txt -P 5 -I @ bash -c "curl -ks -L \"@\" -H \"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36\" | grep -iE \"enter password|new password|new\-password|confirm password|co |
nongiach
/ smbcreate.sh
Last active
November 28, 2019 12:09
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Author: @chaignc | |
| # DON't FORGET TO CHANGE THE PASSWORD !! | |
| # Add the following line into your ~/.bashrc | |
| alias smbcreate='docker run -it -p 139:139 -p 445:445 -v $PWD/smb:/mount \ | |
| dperson/samba -p \ | |
| -u "user;badpass" \ | |
| -s "mount;/mount;yes;no;no;user"' | |
| # This alias allows you to instantly share your current directory using smb |
leonjza
/ forward.sh
Created
October 1, 2019 10:06
Forward a new host port to a running docker container.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Add a firewall NAT rule to expose a port open in a docker container, on a host. | |
| # | |
| # This is only really useful if the container is already running, and you don't | |
| # want to/can't shut it down, but need a new incoming port open. | |
| # | |
| # Requires `jq` for parsing docker container information. | |
| # | |
| # 2019 @leonjza |
ihack4falafel
/ BH19RegChecker.py
Created
January 24, 2019 19:46
Simple python script that sends a text message as soon as BH19 training page goes live!
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| #Python script that send your phone number a text as soon as Black Hat 2019 training goes live using Twilio | |
| #The script can be coupled with cronjob that runs every hour or whatever you may see fit | |
| from twilio.rest import Client | |
| import requests | |
| account_sid = '<your Twilio account SID>' | |
| auth_token = '<your Twilio authentication token>' | |
| client = Client(account_sid, auth_token) |