Collection of BloodHound Cypher Query Examples
- I- Raw
- II- Built-In
- III- Custom
- IV- DB Manipulation
- V- REST API (PowerShell)
kaimi-
/ gist:6b3c99538dce9e3d29ad647b325007c1
Last active
October 30, 2025 12:28
Possible IP Bypass HTTP Headers
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CACHE_INFO: 127.0.0.1 | |
| CF_CONNECTING_IP: 127.0.0.1 | |
| CF-Connecting-IP: 127.0.0.1 | |
| CLIENT_IP: 127.0.0.1 | |
| Client-IP: 127.0.0.1 | |
| COMING_FROM: 127.0.0.1 | |
| CONNECT_VIA_IP: 127.0.0.1 | |
| FORWARD_FOR: 127.0.0.1 | |
| FORWARD-FOR: 127.0.0.1 | |
| FORWARDED_FOR_IP: 127.0.0.1 |
j0lt-github
/ jsonpickle_vulnerable.txt
Last active
August 7, 2021 13:00
jsonpickle 1.4.2 vulnerable to RCE
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Description: JsonPickle 1.4.2 allows remote code execution during deserialization of a malicious payload through the decode() function. | |
| VulnerabilityType: CWE-502: Deserialization of Untrusted Data | |
| Vendor of Product: https://github.com/jsonpickle/jsonpickle | |
| Affected Product Code Base: JsonPickle Python Module | |
| Attack Type: Remote | |
| Impact Code execution : True |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #general | |
| privilege::debug | |
| log | |
| log customlogfilename.log | |
| #sekurlsa | |
| sekurlsa::logonpasswords | |
| sekurlsa::logonPasswords full |
claui
/ install_jtool2.sh
Last active
September 5, 2024 09:34
How to install Jonathan Levin’s jtool2 on macOS 11.0 (Apple Silicon)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copy and paste the following snippet, including brackets, into the Terminal | |
| ( | |
| set -e; | |
| cd "$(mktemp -d)" | |
| curl -LO 'http://www.newosxbook.com/tools/jtool2.tgz' | |
| tar -x -f jtool2.tgz | |
| lipo jtool2 -thin x86_64 -output jtool2.x86_64 | |
| lipo disarm -thin x86_64 -output disarm.x86_64 | |
| sudo mkdir -p /usr/local/bin |
ignis-sec
/ bb-foxyproxy-pattern.json
Created
June 24, 2020 09:06
foxyproxy pattern (install Storage area explorer and import this file, foxyproxy import/export is broken)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "30523382": { | |
| "className": "Proxy", | |
| "data": { | |
| "bypassFPForPAC": true, | |
| "color": "#f57575", | |
| "configUrl": "", | |
| "credentials": "U2FsdGVkX1+tf3lvD5TBClW2UUSZAT4AWsCo/i0kU2M=", | |
| "cycle": false, | |
| "enabled": true, |
ignis-sec
/ ignis-top-100-most-common.txt
Created
June 21, 2020 08:19
Top 100 most common passwords from old public db leaks.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Password | Occurrence | |
| _____________|____________ | |
| 123456 |5377325 | |
| 123456789 |1962160 | |
| password |1190534 | |
| qwerty |869629 | |
| 12345678 |703220 | |
| 12345 |679886 | |
| 123123 |460430 | |
| 1234 |448199 |
keyboardcrunch
/ pydocexec.py
Created
April 30, 2020 02:24
Injects a python script inside a word document so the doc can be executed with python :)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 | |
| import sys | |
| import os | |
| import zipfile | |
| import tempfile | |
| from xml.etree import ElementTree | |
| from shutil import copyfile | |
| def stuffer(py_file, doc_file): |
eladshamir
/ DnsTunnel.cs
Created
April 11, 2020 21:50
This simple program tunnels UDP DNS packets to a TCP port
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Net.Sockets; | |
| using System.Net; | |
| namespace DnsTunnel | |
| { | |
| class Program | |
| { | |
| static void OpenTunnel(int listenerPort, string targetHost, int targetPort) | |
| { |
ajxchapman
/ burp_scopes.py
Created
March 25, 2020 19:53
Turn a list of scopes into a Burpsuite target import JSON configuration file
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import json | |
| import re | |
| import sys | |
| scopes = [] | |
| f = sys.stdin | |
| if len(sys.argv) == 2: | |
| f = open(sys.argv[1]) | |
| scopes_defs = [x.strip().lower() for x in f.readlines() if len(x.strip())] |
joeminicucci
/ BloodhoundCheatSheet.md
Created
February 13, 2020 05:54
DogWhisperer - BloodHound Cypher Cheat Sheet (v2)