Skip to content

Instantly share code, notes, and snippets.

View SymbianSyMoh's full-sized avatar
🎯
Focusing

Mohamed A. Basset SymbianSyMoh

🎯
Focusing
567 followers · 74 following
View GitHub Profile
@Frycos
Frycos / CSM_pocs.md
Created November 16, 2020 18:55

TLDR

Cisco Security Manager is an enterprise-class security management application that provides insight into and control of Cisco security and network devices. Cisco Security Manager offers comprehensive security management (configuration and event management) across a wide range of Cisco security appliances, including Cisco ASA Adaptive Security Appliances, Cisco IPS Series Sensor Appliances, Cisco Integrated Services Routers (ISRs), Cisco Firewall Services Modules (FWSMs), Cisco Catalyst, Cisco Switches and many more. Cisco Security Manager allows you to manage networks of all sizes efficiently-from small networks to large networks consisting of hundreds of devices.

Several pre-auth vulnerabilities were submitted to Cisco on 2020-07-13 and (according to Cisco) patched in version 4.22 on 2020-11-10. Release notes didn't state anything about the vulnerabilities, security advisories were not published. All payload are processed in the context of NT AUTHORITY\SYSTEM.

@abarisani
abarisani / usb_fingerprinting.md
Last active January 5, 2025 22:03
Fingerprinting USB enumeration from different hosts

Introduction

The following information illustrates the differences between macOS, Windows and Linux in USB device enumeration sequence.

Specifically the comparison covers USB Mass Storage device enumeration, implemented with the TamaGo USB driver on a USB armory Mk II running armory-ums.

@nullbind
nullbind / SQL Server UNC Path Injection Cheatsheet
Last active March 1, 2025 19:51
SQL Server UNC Path Injection Cheatsheet
This is a list of SQL Server commands that support UNC path [injections] by default.
The injections can be used to capture or replay the NetNTLM password hash of the
Windows account used to run the SQL Server service. The SQL Server service account
has sysadmin privileges by default in all versions of SQL Server.
Note: This list is most likely not complete.
-----------------------------------------------------------------------
-- UNC Path Injections Executable by the Public Fixed Server Role
-----------------------------------------------------------------------
@EslaMx7
EslaMx7 / Resume FireFox Broken Downloads.py
Last active November 20, 2015 12:08
a small Python script to modify the URL of paused downloading file in FireFox, this is very useful while downloading big file from a server that giving you a very limited time for your IP, you just need to pause the current download and update the file URL with the new one with this script then restart the browser to see the changes and resume y…
__author__ = 'Eslam Hamouda | eslamx.com'
import configparser
import os.path
import json
import io
# get the required files paths to access Firefox AppData
win_user_profile = os.getenv('USERPROFILE')
@EslaMx7
EslaMx7 / xss-game.md
Created June 1, 2014 04:50 — forked from adriaandens/xss-game.md

XSS-game by Google

Welcome, recruit! Cross-site scripting (XSS) bugs are one of the most common and dangerous types of vulnerabilities in Web applications. These nasty buggers can allow your enemies to steal or modify user data in your apps and you must learn to dispatch them, pronto!

At Google, we know very well how important these bugs are. In fact, Google is so serious about finding and fixing XSS issues that we are paying mercenaries up to $7,500 for dangerous XSS bugs discovered in our most sensitive products.

In this training program, you will learn to find and exploit XSS bugs. You'll use this knowledge to confuse and infuriate your adversaries by preventing such bugs from happening in your applications.

There will be cake at the end of the test.

@SymbianSyMoh
SymbianSyMoh / encrypt_decrypt.js
Created November 23, 2013 16:11 — forked from csanz/encrypt_decrypt.js
function encrypt(text){
var cipher = crypto.createCipher('aes-256-cbc','d6F3Efeq')
var crypted = cipher.update(text,'utf8','hex')
crypted += cipher.final('hex');
return crypted;
}
function decrypt(text){
var decipher = crypto.createDecipher('aes-256-cbc','d6F3Efeq')
var dec = decipher.update(text,'hex','utf8')
@MohamedAlaa
MohamedAlaa / tmux-cheatsheet.markdown
Last active April 24, 2025 05:05
tmux shortcuts & cheatsheet

tmux shortcuts & cheatsheet

start new:

tmux

start new with session name:

tmux new -s myname
@csanz
csanz / encrypt_decrypt.js
Created August 30, 2011 16:06
Simple String Encryption & Decryption with Node.js
function encrypt(text){
var cipher = crypto.createCipher('aes-256-cbc','d6F3Efeq')
var crypted = cipher.update(text,'utf8','hex')
crypted += cipher.final('hex');
return crypted;
}
function decrypt(text){
var decipher = crypto.createDecipher('aes-256-cbc','d6F3Efeq')
var dec = decipher.update(text,'hex','utf8')