Skip to content

Instantly share code, notes, and snippets.

View jivoi's full-sized avatar
:electron:
living off the land!

EK_ jivoi

:electron:
living off the land!
2.4k followers · 195 following
View GitHub Profile
@jivoi
jivoi / autoburp.sh
Created March 9, 2018 08:45 — forked from jgamblin/autoburp.sh
Automatic Burp Script With Slack Reporting.
#!/bin/sh
java -jar -Xmx2g -Djava.awt.headless=true ~/BurpSuitePro/burpsuite_pro.jar http jerrygamblin.com 80
cp *.html ~/BurpSuitePro/scan.html
wkhtmltopdf scan.html scan.pdf
curl -F [email protected] -F initial_comment="BurpProxy JerryGamblin.com Scan" -F channels=#burpreports -F token=(Your Token) https://slack.com/api/files.upload
rm *.html
rm *.pdf
@jivoi
jivoi / audit.rules
Created January 23, 2018 14:24 — forked from Neo23x0/audit.rules
Linux Auditd Best Practice Configuration
# ___ ___ __ __
# / | __ ______/ (_) /_____/ /
# / /| |/ / / / __ / / __/ __ /
# / ___ / /_/ / /_/ / / /_/ /_/ /
# /_/ |_\__,_/\__,_/_/\__/\__,_/
#
# Linux Audit Daemon - Best Practice Configuration
# /etc/audit/audit.rules
#
# Compiled by Florian Roth
@jivoi
jivoi / bh-downloader.py
Created July 28, 2017 15:28
Black Hat brifiengs document downloader script
# -*- coding: utf-8 -*-
import requests
import os
from time import time as timer
from bs4 import BeautifulSoup
from multiprocessing.dummy import Pool as ThreadPool
# import for "'ascii' codec can't decode byte" error
import sys
@jivoi
jivoi / bhpdfdown.sh
Created July 28, 2017 08:08
Download BH PDFs
#!/bin/bash
curl -s https://www.blackhat.com/us-17/briefings.html | egrep 'https://www.blackhat.com/docs/us-17/.*\.pdf' | awk -F '"' '{ print $4 }' | while read URL;
do
F=$(basename $URL)
if [ ! -r $F ]; then
curl -s -o $F $URL
echo "Scrapped $f"
fi
done
@jivoi
jivoi / gist:a33ace2e25515a31aa2ffbae246d98c9
Created June 14, 2017 13:27
Serving Random Payloads with NGINX
# Serving Random Payloads with NGINX
# add set_random module https://github.com/openresty/set-misc-nginx-module#set_random
# edit file /etc/nginx/sites-enabled/default
set_random $uri 1 3;
map $uri $payloads {
1 /payload.lnk;
2 /payload.hta;
3 /payload.exe;
@jivoi
jivoi / gist:e4c40c9552e0e077bf1b71516c69c50c
Created April 12, 2017 11:04 — forked from dafthack/gist:8aa4ff60cd9352448a372ce1a7b2e27e
Easy Metasploit Install on Windows Subsystem for Linux
Steps to install Metasploit on Windows 10 using the Windows Subsystem for Linux
1.) Enable Developer Mode
C:\> reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /t REG_DWORD /f /v "AllowDevelopmentWithoutDevLicense" /d "1"
2.) Enable Windows Subsystem for Linux
C:\> DISM /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux
3.) Reboot
@jivoi
jivoi / how-to-oscp-final.md
Created April 10, 2017 12:45 — forked from unfo/how-to-oscp-final.md

How to pass the OSCP

  1. Recon
  2. Find vuln
  3. Exploit
  4. Document it

Recon

Unicornscans in cli, nmap in msfconsole to help store loot in database.

@jivoi
jivoi / gce_gpu_hashcat_benchmark.txt
Created February 26, 2017 12:08 — forked from anonymous/gce_gpu_hashcat_benchmark.txt
Hashcat benchmark output from a GCE instance with 8 Tesla GPUs connected
hashcat (v3.30) starting in benchmark mode...
...
OpenCL Platform #1: NVIDIA Corporation
======================================
* Device #1: Tesla K80, 2047/11439 MB allocatable, 13MCU
* Device #2: Tesla K80, 2047/11439 MB allocatable, 13MCU
* Device #3: Tesla K80, 2047/11439 MB allocatable, 13MCU
* Device #4: Tesla K80, 2047/11439 MB allocatable, 13MCU
* Device #5: Tesla K80, 2047/11439 MB allocatable, 13MCU
@jivoi
jivoi / bot
Created February 20, 2017 19:48 — forked from mcsepes/bot
https://habrahabr.ru/post/322232/
#!/bin/bash
python3 bot.py
@jivoi
jivoi / DevOOPS: Attacks And Defenses For DevOps Toolchains Talk Links
Created February 17, 2017 06:49 — forked from carnal0wnage/DevOOPS: Attacks And Defenses For DevOps Toolchains Talk Links
Links from Chris Gates/Ken Johnson DevOOPS RSA 17 presentation