start new:
tmux
start new with session name:
tmux new -s myname
csanz
/ encrypt_decrypt.js
Created
August 30, 2011 16:06
Simple String Encryption & Decryption with Node.js
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function encrypt(text){ | |
| var cipher = crypto.createCipher('aes-256-cbc','d6F3Efeq') | |
| var crypted = cipher.update(text,'utf8','hex') | |
| crypted += cipher.final('hex'); | |
| return crypted; | |
| } | |
| function decrypt(text){ | |
| var decipher = crypto.createDecipher('aes-256-cbc','d6F3Efeq') | |
| var dec = decipher.update(text,'hex','utf8') |
SymbianSyMoh
/ encrypt_decrypt.js
Created
November 23, 2013 16:11
— forked from csanz/encrypt_decrypt.js
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function encrypt(text){ | |
| var cipher = crypto.createCipher('aes-256-cbc','d6F3Efeq') | |
| var crypted = cipher.update(text,'utf8','hex') | |
| crypted += cipher.final('hex'); | |
| return crypted; | |
| } | |
| function decrypt(text){ | |
| var decipher = crypto.createDecipher('aes-256-cbc','d6F3Efeq') | |
| var dec = decipher.update(text,'hex','utf8') |
EslaMx7
/ xss-game.md
Created
June 1, 2014 04:50
— forked from adriaandens/xss-game.md
Welcome, recruit! Cross-site scripting (XSS) bugs are one of the most common and dangerous types of vulnerabilities in Web applications. These nasty buggers can allow your enemies to steal or modify user data in your apps and you must learn to dispatch them, pronto!
At Google, we know very well how important these bugs are. In fact, Google is so serious about finding and fixing XSS issues that we are paying mercenaries up to $7,500 for dangerous XSS bugs discovered in our most sensitive products.
In this training program, you will learn to find and exploit XSS bugs. You'll use this knowledge to confuse and infuriate your adversaries by preventing such bugs from happening in your applications.
There will be cake at the end of the test.
EslaMx7
/ Resume FireFox Broken Downloads.py
Last active
November 20, 2015 12:08
a small Python script to modify the URL of paused downloading file in FireFox, this is very useful while downloading big file from a server that giving you a very limited time for your IP, you just need to pause the current download and update the file URL with the new one with this script then restart the browser to see the changes and resume y…
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| __author__ = 'Eslam Hamouda | eslamx.com' | |
| import configparser | |
| import os.path | |
| import json | |
| import io | |
| # get the required files paths to access Firefox AppData | |
| win_user_profile = os.getenv('USERPROFILE') |
nullbind
/ SQL Server UNC Path Injection Cheatsheet
Last active
March 1, 2025 19:51
SQL Server UNC Path Injection Cheatsheet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| This is a list of SQL Server commands that support UNC path [injections] by default. | |
| The injections can be used to capture or replay the NetNTLM password hash of the | |
| Windows account used to run the SQL Server service. The SQL Server service account | |
| has sysadmin privileges by default in all versions of SQL Server. | |
| Note: This list is most likely not complete. | |
| ----------------------------------------------------------------------- | |
| -- UNC Path Injections Executable by the Public Fixed Server Role | |
| ----------------------------------------------------------------------- |
abarisani
/ usb_fingerprinting.md
Last active
January 5, 2025 22:03
Fingerprinting USB enumeration from different hosts
The following information illustrates the differences between macOS, Windows and Linux in USB device enumeration sequence.
Specifically the comparison covers USB Mass Storage device enumeration, implemented with the TamaGo USB driver on a USB armory Mk II running armory-ums.
Frycos
/ CSM_pocs.md
Created
November 16, 2020 18:55
Cisco Security Manager is an enterprise-class security management application that provides insight into and control of Cisco security and network devices. Cisco Security Manager offers comprehensive security management (configuration and event management) across a wide range of Cisco security appliances, including Cisco ASA Adaptive Security Appliances, Cisco IPS Series Sensor Appliances, Cisco Integrated Services Routers (ISRs), Cisco Firewall Services Modules (FWSMs), Cisco Catalyst, Cisco Switches and many more. Cisco Security Manager allows you to manage networks of all sizes efficiently-from small networks to large networks consisting of hundreds of devices.
Several pre-auth vulnerabilities were submitted to Cisco on 2020-07-13 and (according to Cisco) patched in version 4.22 on 2020-11-10. Release notes didn't state anything about the vulnerabilities, security advisories were not published. All payload are processed in the context of NT AUTHORITY\SYSTEM.