fyxme
/ ntlmdecoder.py
Last active
November 2, 2022 11:33
— forked from aseering/ntlmdecoder.py
NTLM auth-string decoder
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| ## On Microsoft RDWeb (Work resources - RemoteApp and Desktop Connection) Pages, | |
| ## You can force NTLM auth with the following command: | |
| ## > curl https://remote.vulnerable.com/RPC/ -H "Authorization: NTLM TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAGAbEdAAAADw==" -v | |
| ## Decodes NTLM "Authenticate" HTTP-Header blobs. | |
| ## Reads the raw blob from stdin; prints out the contained metadata. | |
| ## Supports (auto-detects) Type 1, Type 2, and Type 3 messages. | |
| ## Based on the excellent protocol description from: |
fyxme
/ install-checkrain.sh
Last active
September 22, 2022 00:29
Checkrain jailbreak install script
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Script to install checkrain on Debian based distros | |
| # From https://checkra.in/linux | |
| # Easiet way to jailbreak, get a live usb Debian iso, install checkra1n and run checkra1n | |
| wget -O - https://assets.checkra.in/debian/archive.key | gpg --dearmor | sudo tee /usr/share/keyrings/checkra1n.gpg >/dev/null | |
| echo 'deb [signed-by=/usr/share/keyrings/checkra1n.gpg] https://assets.checkra.in/debian /' | sudo tee /etc/apt/sources.list.d/checkra1n.list | |
| sudo apt-get update |
fyxme
/ get_gists.py
Created
April 8, 2022 02:20
— forked from leoloobeek/get_gists.py
Download all gists for a specific user
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # first: mkdir user && cd user && cp /path/to/get_gists.py . | |
| # python3 get_gists.py user | |
| import requests | |
| import sys | |
| from subprocess import call | |
| user = sys.argv[1] | |
| r = requests.get('https://api.github.com/users/{0}/gists'.format(user)) |
fyxme
/ burp-target-scope-options.json
Last active
May 29, 2024 13:17
Burp Target Scope Options file to exclude all irrelevant stuff
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "target":{ | |
| "scope":{ | |
| "advanced_mode":true, | |
| "exclude":[ | |
| { | |
| "enabled":true, | |
| "host":".*\\.google\\.com", | |
| "protocol":"any" | |
| }, |
fyxme
/ sqlmap-proxy.go
Last active
October 10, 2024 16:07
Golang proxy example to abuse more complex SQL injections which may not be picked up by sqlmap. For example, SQL injections in CTF challenges
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| /* | |
| Golang proxy example to abuse more complex SQL injections which may not be picked up by sqlmap. For example, SQL injections in CTF challenges | |
| */ | |
| import ( | |
| "fmt" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import math | |
| def isPrime(n): | |
| """ Check if n is prime using trial division as our primality test """ | |
| if n%2 == 0 and n > 2: | |
| # takes care of all the even numbers | |
| return False |
fyxme
/ playing_cards.py
Created
September 7, 2017 06:58
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from random import random | |
| from time import time | |
| from multiprocessing import Pool | |
| import matplotlib.pyplot as plt | |
| def _avg(results): | |
| return sum(results) / float(len(results)) | |
| def _range(results): |
NewerOlder