#Wireless Penetration Testing Cheat Sheet
##WIRELESS ANTENNA
- Open the Monitor Mode
root@uceka:~# ifconfig wlan0mon down
root@uceka:~# iwconfig wlan0mon mode monitor
root@uceka:~# ifconfig wlan0mon up
netbiosX
/ FodhelperUACBypass.ps1
Last active
April 29, 2025 08:33
Bypass UAC via Fodhelper binary in Windows 10 systems
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .SYNOPSIS | |
| This script can bypass User Access Control (UAC) via fodhelper.exe | |
| It creates a new registry structure in: "HKCU:\Software\Classes\ms-settings\" to perform UAC bypass and starts | |
| an elevated command prompt. | |
| .NOTES | |
| Function : FodhelperUACBypass | |
| File Name : FodhelperUACBypass.ps1 |
Mcostart
/ mn-scanner.py
Created
January 23, 2017 02:09
Automate network scanning tasks using the nmap and masscan tools.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import xml.etree.ElementTree as ET | |
| import subprocess | |
| import time | |
| import os | |
| #http://xael.org/pages/python-nmap-en.html | |
| import nmap | |
| def parseMasscanReport(path): | |
| hostsPorts = {} |
tsunpoko
/ getadmin.py
Created
September 5, 2016 10:07
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import urllib | |
| import urllib2 | |
| url = 'http://gap.chal.ctf.westerns.tokyo/login.php' | |
| flag = 'TWCTF{' | |
| table = 'abcdefghijklmnopqrstuvwlyz' | |
| table += table.upper() | |
| table += '_{}' |
dogrocker
/ Wireless Penetration Testing Cheat Sheet.md
Created
July 2, 2016 18:30
Wireless Penetration Testing Cheat Sheet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Add to .bashrc | |
| # You're welcome | |
| function soocat { | |
| socat tcp-l:${2},reuseaddr,fork EXEC:${1} | |
| } |
kevinnz
/ leetify.pl
Last active
September 20, 2022 13:46
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/perl | |
| use strict; | |
| use warnings; | |
| my %permution = ( | |
| "a" => "a4@&A", | |
| "b" => "bB", | |
| "c" => "cC", | |
| "d" => "dD", |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| query IntrospectionQuery { | |
| __schema { | |
| queryType { name } | |
| mutationType { name } | |
| subscriptionType { name } | |
| types { | |
| ...FullType | |
| } | |
| directives { |
zmwangx
/ # Official Windows VM download URL archive.md
Last active
April 25, 2025 14:22
Official Windows VM download URL archive, from https://dev.modern.ie/tools/vms/mac/ — scratch that — https://developer.microsoft.com/en-us/microsoft-edge/api/tools/vms/
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Invoke-DCSync | |
| { | |
| <# | |
| .SYNOPSIS | |
| Uses dcsync from mimikatz to collect NTLM hashes from the domain. | |
| Author: @monoxgas | |
| Improved by: @harmj0y |
worawit
/ cve-2015-0240_samba_exploit.py
Created
April 10, 2015 14:48
Exploit for Samba vulnerabilty (CVE-2015-0240)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| """ | |
| Exploit for Samba vulnerabilty (CVE-2015-0240) by sleepya | |
| The exploit only targets vulnerable x86 smbd <3.6.24 which 'creds' is controlled by | |
| ReferentID field of PrimaryName (ServerName). That means '_talloc_zero()' | |
| in libtalloc does not write a value on 'creds' address. | |
| Reference: | |
| - https://securityblog.redhat.com/2015/02/23/samba-vulnerability-cve-2015-0240/ |