stuartw1
/ install-openvpn3-kali.sh
Last active
January 26, 2025 11:18
install openvpn3 and dependencies on Kali Linux
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # The following commands should install openvpn3 successfully on Kali Linux as of 2023-10-11 | |
| # Please check libssl1.1 version is newest at https://packages.debian.org/bullseye/amd64/libssl1.1 | |
| # PM me if broken and I will update | |
| # Thanks to the following for bug reports / additions | |
| # asingh-lp, Pyr0technicien | |
| # update packages | |
| sudo apt update |
clod81
/ esc1.ps1
Created
February 23, 2023 19:18
— forked from b4cktr4ck2/esc1.ps1
PowerShell script to exploit ESC1/retrieve your own NTLM password hash.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Thank you @NotMedic for troubleshooting/validating stuff! | |
| $password = Read-Host -Prompt "Enter Password" | |
| #^^ Feel free to hardcode this for running in a beacon/not retyping it all the time! | |
| $server = "admin" #This will just decide the name of the cert request files that are created. I didn't want to change the var name so it's server for now. | |
| $CERTPATH = "C:\Users\lowpriv\Desktop\" #Where do you want the cert requests to be stored? | |
| $CAFQDN = "dc01.alexlab.local" #hostname of underlying CA box. | |
| $CASERVER = "alexlab-dc01-ca" #CA name. | |
| $CA = $CAFQDN + "\" + $CASERVER |
b4cktr4ck2
/ esc1.ps1
Created
February 22, 2023 21:50
PowerShell script to exploit ESC1/retrieve your own NTLM password hash.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Thank you @NotMedic for troubleshooting/validating stuff! | |
| $password = Read-Host -Prompt "Enter Password" | |
| #^^ Feel free to hardcode this for running in a beacon/not retyping it all the time! | |
| $server = "admin" #This will just decide the name of the cert request files that are created. I didn't want to change the var name so it's server for now. | |
| $CERTPATH = "C:\Users\lowpriv\Desktop\" #Where do you want the cert requests to be stored? | |
| $CAFQDN = "dc01.alexlab.local" #hostname of underlying CA box. | |
| $CASERVER = "alexlab-dc01-ca" #CA name. | |
| $CA = $CAFQDN + "\" + $CASERVER |
coolaj86
/ ChatGPT-Dan-Jailbreak.md
Last active
March 13, 2025 22:08
miticollo
/ How-to-build-frida-server-for-ios.md
Last active
February 3, 2025 16:44
How to build frida server for iOS jailbroken devices
Here, I'll show you how to compile Frida for both rootfull and rootless jailbreaks.
On Dopamine/Fugu15 Max or palera1n you can add my repo (open the link in your favorite browser on your jailbroken iDevice).
The DEBs you will install are build using the following instructions.
tothi
/ minimal-defender-bypass.profile
Last active
January 1, 2025 22:23
Minimal Cobalt Strike C2 Profile for Bypassing Defender
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # in addition to the profile, a stage0 loader is also required (default generated payloads are caught by signatures) | |
| # as stage0, remote injecting a thread into a suspended process works | |
| set host_stage "false"; | |
| set useragent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36 Edg/96.0.1054.62"; | |
| set sleeptime "10000"; | |
| stage { | |
| set allocator "MapViewOfFile"; | |
| set name "notevil.dll"; |
r4ulcl
/ pcapFilter.sh
Last active
December 30, 2024 11:10
Ttshark filter script to get WPA-EAP Identities, EAP certs, HTTP passwords, Handshakes, DNS queries, NBTNS queries and LLMNR queries. Reading a file or a folder
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #author : Raul Calvo Laorden ([email protected]) | |
| #description : Script to get WPA-EAP Identities, EAP certs, HTTP passwords, Handshakes, DNS queries, NBTNS queries and LLMNR queries | |
| #date : 2021-06-24 | |
| #usage : bash pcapFilter.sh -f <pcap/folder> [options] | |
| #----------------------------------------------------------------------------------------------------------- | |
| red=`tput setaf 1` | |
| green=`tput setaf 2` |
I'll spare everyone the rant. This gist will be an all business how to revert to WSL (Windows Subsystem for Linux) on Windows 10 from version 2 back to version 1.
Note that enabling Hyper-V destabilized the (highly managed) system my company provides me. This is probably unique to the image used for the machine and the updates that base has received. So I'm not surprised by the issues people are having with Hyper-V and the Virtual Machine Platform.
My personal Windows virtual machines remain on WSL 1 because I just don't have the energy to deal with all the drama when I've already put in a full shift at work.
kaimi-
/ gist:6b3c99538dce9e3d29ad647b325007c1
Last active
March 10, 2025 15:22
Possible IP Bypass HTTP Headers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CACHE_INFO: 127.0.0.1 | |
| CF_CONNECTING_IP: 127.0.0.1 | |
| CF-Connecting-IP: 127.0.0.1 | |
| CLIENT_IP: 127.0.0.1 | |
| Client-IP: 127.0.0.1 | |
| COMING_FROM: 127.0.0.1 | |
| CONNECT_VIA_IP: 127.0.0.1 | |
| FORWARD_FOR: 127.0.0.1 | |
| FORWARD-FOR: 127.0.0.1 | |
| FORWARDED_FOR_IP: 127.0.0.1 |
j0lt-github
/ jsonpickle_vulnerable.txt
Last active
August 7, 2021 13:00
jsonpickle 1.4.2 vulnerable to RCE
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Description: JsonPickle 1.4.2 allows remote code execution during deserialization of a malicious payload through the decode() function. | |
| VulnerabilityType: CWE-502: Deserialization of Untrusted Data | |
| Vendor of Product: https://github.com/jsonpickle/jsonpickle | |
| Affected Product Code Base: JsonPickle Python Module | |
| Attack Type: Remote | |
| Impact Code execution : True |
NewerOlder