-
namespaces - overview of Linux namespaces http://man7.org/linux/man-pages/man7/namespaces.7.html
-
mount_namespaces - overview of Linux mount namespaces
Andrew Luke Sw4mpf0x
carnal0wnage
/ gcp_enum.sh
Last active
January 24, 2024 18:06
use the gcloud utilities to enumerate as much access as possible from a GCP service account json file. see blog post: <to insert>
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # gcloud auth activate-service-account --key-file=85.json | |
| # gcloud projects list | |
| project="my-project" | |
| space="" | |
| echo "gcloud auth list" | |
| gcloud auth list | |
| echo -e "$space" |
arbazkiraak
/ jsp-jstl-intruders.txt
Last active
April 24, 2023 02:06
wordlist generated Based on : https://medium.com/@adrien_jeanneau/how-i-was-able-to-list-some-internal-information-from-paypal-bugbounty-ca8d217a397c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ${0 } | |
| ${0 == pageList.maxPage} | |
| ${1} | |
| ${1 eq currentPageNumber } | |
| ${5} | |
| ${5/6} | |
| ${a+1 } | |
| ${a.academyName} | |
| ${a.academyNumber} | |
| ${academyNumber==a.academyNumber} |
FrankSpierings
/ README.md
Last active
February 20, 2025 10:48
Linux Container Escapes and Hardening
briangershon
/ gist:fa9feb08e6a65d52bdc35c738d8cf104
Created
January 8, 2017 07:57
Log Request Body for Debugging (golang)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| buf, bodyErr := ioutil.ReadAll(r.Body) | |
| if bodyErr != nil { | |
| log.Print("bodyErr ", bodyErr.Error()) | |
| http.Error(w, bodyErr.Error(), http.StatusInternalServerError) | |
| return | |
| } | |
| rdr1 := ioutil.NopCloser(bytes.NewBuffer(buf)) | |
| rdr2 := ioutil.NopCloser(bytes.NewBuffer(buf)) | |
| log.Printf("BODY: %q", rdr1) |
Product: Sagitta Brutalis 1080 (PN S3480-GTX-1080-2697-128)
Software: Hashcat v3.00-beta-145-g069634a, Nvidia driver 367.18
Accelerator: 8x Nvidia GTX 1080 Founders Edition
BuffaloWill
/ cloud_metadata.txt
Last active
January 22, 2025 09:59
Cloud Metadata Dictionary useful for SSRF Testing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## IPv6 Tests | |
| http://[::ffff:169.254.169.254] | |
| http://[0:0:0:0:0:ffff:169.254.169.254] | |
| ## AWS | |
| # Amazon Web Services (No Header Required) | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] |
apolloclark
/ aws cli cheatsheet.md
Last active
March 14, 2025 02:58
andrewlkho
/ gist:7373190
Last active
January 15, 2025 08:43
How to use authentication subkeys in gpg for SSH public key authentication
GPG subkeys marked with the "authenticate" capability can be used for public
key authentication with SSH. This is done using gpg-agent which, using the
--enable-ssh-support option, can implement the agent protocol used by SSH.
A working gpg2 setup is required. It may be possible to use gpg 1.4 but with gpg-agent compiled from gpg2. If you are using OS X 10.9 (Mavericks) then you may find the instructions [here][1] useful.
NewerOlder