h4sh h4sh5
@h4sh5
h4sh5 / analyze_http_logs_for_sus_exploit_exfil.py
Created August 6, 2025 14:04
Totally not generated by Qwen3-235B (tested)
#!/usr/bin/env python3
import re
import sys
from collections import defaultdict
# prompt: write a python script that would take a web server log file access.log and scan it for evidence of data exfiltration after a vulnerability has been exploited to create a web shell
# Configuration thresholds
LONG_QUERY_THRESHOLD = 1000 # Characters
LARGE_RESPONSE_THRESHOLD = 100000 # Bytes (100KB)
@h4sh5
h4sh5 / query-ldap-no-rsat.md
Last active December 7, 2024 23:42
PowerShell query AD LDAP without RSAT

(New-Object DirectoryServices.DirectorySearcher("(&(objectCategory=group)(name=Domain Admins))")).FindAll().Properties['Member']

Working better with output: (function from https://petri.com/expanding-active-directory-searcher-powershell/)

Function Convert-ADSearchResult {
[cmdletbinding()]
Param(
[Parameter(Position = 0,Mandatory,ValueFromPipeline)]
[ValidateNotNullorEmpty()]
@h4sh5
h4sh5 / gist-search.md
Created December 7, 2024 23:13
Searching github gists
@h4sh5
h4sh5 / dillo-plus.md
Created May 4, 2024 21:57
compiling dillo-plus on macos
@h4sh5
h4sh5 / RC4.c
Created April 28, 2024 01:54 — forked from rverton/RC4.c
/*
robin verton, dec 2015
implementation of the RC4 algo
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#define N 256 // 2^8
@h4sh5
h4sh5 / Exploitation.md
Created February 16, 2024 15:48 — forked from yezz123/Exploitation.md
Pentesting-Exploitation
@h4sh5
h4sh5 / smtp_send_email.py
Created January 13, 2024 08:21
send email (text and html) using python
#!/usr/bin/env python3
import sys
import smtplib
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText
import dns.resolver
msg = MIMEMultipart('alternative')
@h4sh5
h4sh5 / touchid_sudo.sh
Last active October 14, 2023 06:13 — forked from RichardBronosky/touchid_sudo.sh
Use TouchID for sudo on modern MacBook Pro machines
#!/bin/bash
# curl -sL https://gist.githubusercontent.com/RichardBronosky/31660eb4b0f0ba5e673b9bc3c9148a70/raw/touchid_sudo.sh | bash
# This script is ready to copy-paste in whole, or just the line above (without the leading #)
# Use TouchID for sudo on modern MacBook Pro machines
# This script adds a single line to the top of the PAM configuration for sudo
# See: https://apple.stackexchange.com/q/259093/41827 for more info.
touchid_sudo(){
docker run --name squid-container -e TZ=UTC -p 3128:3128 ubuntu/squid:5.2-22.04_beta
@h4sh5
h4sh5 / tracing.dockerfile
Created August 17, 2023 22:51
python tracing pip with hunter
FROM python:3.10-buster
RUN pip install hunter
# COPY /entrypoint.sh /
CMD PYTHONHUNTER="Q(module='pip')|Q(module='os')|Q(module='subprocess')" python -m pip install requests