HTML Injection - Reflected (GET)
HTML Injection - Reflected (POST)
HTML Injection - Reflected (Current URL)
HTML Injection - Stored (Blog)
iFrame Injection
LDAP Injection (Search)
PacodiazDG
/ a.pac
Created
April 16, 2019 17:59
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function FindProxyForURL(url, host) { | |
| return "PROXY 192.168.1.87:3128; DIRECT"; | |
| } |
PacodiazDG
/ iptables.sh
Created
April 21, 2019 03:28
— forked from potem/iptables.sh
Basic IPTables server firewall
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This script is a basic IPTables server firewall with defenses against some | |
| # of the most common attack types. | |
| # | |
| # Basically you just have to add/remove ports in the first part of this script | |
| # and you should be ready to go. | |
| # | |
| # Help, comments and improvements always appreciated, also, feel free to | |
| # use, change and distribute. Cheers | |
| ip=/usr/sbin/iptables |
PacodiazDG
/ gist:b1a9ff24e1401ae2f156479295581934
Created
April 21, 2019 06:01
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # --------------------------------------------------------------- | |
| # Core ModSecurity Rule Set ver.2.2.9 | |
| # Copyright (C) 2006-2012 Trustwave All rights reserved. | |
| # | |
| # The OWASP ModSecurity Core Rule Set is distributed under | |
| # Apache Software License (ASL) version 2 | |
| # Please see the enclosed LICENCE file for full details. | |
| # --------------------------------------------------------------- | |
PacodiazDG
/ gist:223bc37318d12cbc76bbd84e92b5a22a
Created
April 26, 2019 16:32
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ./configure --sysconfdir=/etc/ | |
| make | |
| make install | |
| iptables -t nat -A PREROUTING -p tcp -m tcp --dport 1:21 -j REDIRECT --to-ports 4444 | |
| iptables -t nat -A PREROUTING -p tcp -m tcp --dport 23:79 -j REDIRECT --to-ports 4444 | |
| iptables -t nat -A PREROUTING -p tcp -m tcp --dport 81:65535 -j REDIRECT --to-ports 4444 | |
| portspoof -c /etc/portspoof.conf -s /etc/portspoof_signatures -D |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var _0x2a61=['string','constructor','while\x20(true)\x20{}','apply','counter','length','debu','gger','call','action','stateObject','init','chain','input','log','Hello\x20World!'];(function(_0x25ff53,_0x5e946c){var _0x45ae68=function(_0x568a18){while(--_0x568a18){_0x25ff53['push'](_0x25ff53['shift']());}};_0x45ae68(++_0x5e946c);}(_0x2a61,0x1eb));var _0x9c9f=function(_0x48b9da,_0x1e38c4){_0x48b9da=_0x48b9da-0x0;var _0x1a2628=_0x2a61[_0x48b9da];return _0x1a2628;};function hi(){var _0x11d12c=function(){var _0x8b34fc=!![];return function(_0x15a6d9,_0x29de7e){var _0x28a418=_0x8b34fc?function(){if(_0x29de7e){var _0x24e27f=_0x29de7e['apply'](_0x15a6d9,arguments);_0x29de7e=null;return _0x24e27f;}}:function(){};_0x8b34fc=![];return _0x28a418;};}();(function(){_0x11d12c(this,function(){var _0x9d1358=new RegExp('function\x20*\x5c(\x20*\x5c)');var _0x324132=new RegExp('\x5c+\x5c+\x20*(?:_0x(?:[a-f0-9]){4,6}|(?:\x5cb|\x5cd)[a-z0-9]{1,4}(?:\x5cb|\x5cd))','i');var _0x42db7f=_0x38e646(_0x9c9f('0x0'));if(!_0x9d1358['test'](_0x |
PacodiazDG
/ http2_apache2_ubuntu16.04.md
Created
May 1, 2020 02:08
— forked from GAS85/http2_apache2_ubuntu16.04.md
How to Enable HTTP/2 in Apache 2.4 on Ubuntu 16.04
-
Based on https://techwombat.com/enable-http2-apache-ubuntu-16-04/
-
This totorial is for an older Ubuntu 16.04, for a Ubuntu 18.04 please read here --> https://gist.github.com/GAS85/8dadbcb3c9a7ecbcb6705530c1252831
- A self-managed VPS or dedicated server with Ubuntu 16.04 running Apache 2.4.xx.
- For Ubuntu 18.04 please read here --> https://gist.github.com/GAS85/8dadbcb3c9a7ecbcb6705530c1252831
- A registered domain name with working HTTPS (TLS/SSL). HTTP/2 only works alongside HTTPS because most browsers, including Firefox and Chrome, don’t support HTTP/2 in cleartext (non-TLS) mode.
PacodiazDG
/ Determining Word Versions of Documents.md
Created
May 21, 2020 09:29
Determining Word Versions of Documents
Info version 「docProps \ app.xml」
12.0000 is Office 2007
14.0000 is Office 2010
15.0000 is Office 2013
16.0000 is Office 2016
PacodiazDG
/ gist:67aeae8b8b8ba691b91db36c35d17e52
Created
June 14, 2020 21:39
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Cross Assembly Obfuscation | |
| Symbol Renaming | |
| Advanced Overload Renaming | |
| String Encryption | |
| Constant Value/Array Encryption | |
| Control Flow Obfuscation | |
| Code Pattern Masking | |
| ILDASM Protection | |
| Anti-Reflection Protection |
PacodiazDG
/ gist:0e97b610bca24c36ab23c5dccadfc240
Created
June 29, 2020 11:22
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 00401533 | 51 | push ecx | | |
| 00401534 | 81EC 34020000 | sub esp,234 | | |
| 0040153A | E8 010A0000 | call stack.401F40 | | |
| 0040153F | C70424 06404000 | mov dword ptr ss:[esp],stack.404006 | 404006:"kernel32.dll" | |
| 00401546 | A1 30614000 | mov eax,dword ptr ds:[<&GetModuleHandle | | |
| 0040154B | FFD0 | call eax | | |
| 0040154D | 83EC 04 | sub esp,4 | | |
| 00401550 | 8945 F4 | mov dword ptr ss:[ebp-C],eax | | |
| 00401553 | C74424 04 13404000 | mov dword ptr ss:[esp+4],stack.404013 | 404013:"SetProcessDEPPolicy" | |
| 0040155B | 8B45 F4 | mov eax,dword ptr ss:[ebp-C] | |