Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.
$ python -m SimpleHTTPServer 8000
willurd
/ web-servers.md
Last active
November 13, 2024 13:44
Big list of http static server one-liners
kevin-smets
/ iterm2-solarized.md
Last active
November 14, 2024 15:40
iTerm2 + Oh My Zsh + Solarized color scheme + Source Code Pro Powerline + Font Awesome + [Powerlevel10k] - (macOS)
olliencc
/ dumpprivatekeypassword.c
Created
June 2, 2015 18:15
dump the password used by an openssl client for its private key using LD_PRELOAD and hooking the callback registration functions
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // | |
| // based on https://git.lekensteyn.nl/peter/wireshark-notes/tree/src/ | |
| // Licensed under the terms of GPLv3 (or any later version) at your choice | |
| // | |
| // works for daemons which can be run in the foreground | |
| // | |
| // gcc nccsslpasswdlog.c -shared -o nccsslpasswdlog.so -fPIC -ldl | |
| // | |
| // | |
jcubic
/ cross-domain.js
Last active
December 10, 2018 20:34
Cross domain ajax request without CORS using iframe and postMessage
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $.fn.crossDomainRequest = function(url, method, data, fn) { | |
| var self = this; | |
| var receiver = self.attr('src').replace(/\/.*$/, '').replace(/^https?::\/\//, ''); | |
| function get(event) { | |
| if (event.origin.match(receiver)) { | |
| // event.data is response from POST | |
| fn(event.data); | |
| } | |
| } | |
| if (window.addEventListener){ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| -------- dllinjshim.cpp -------- | |
| > cl /Fe:dllinjshim.exe dllinjshim.cpp | |
| > dllinjshim.exe | |
| > sdbinst moo.sdb | |
| /!\ On Windows 10 there is a new function `SdbIsKnownShimDll` called | |
| in `SdbGetDllPath` which will check the DLL name against the following list: |
dafthack
/ gist:8aa4ff60cd9352448a372ce1a7b2e27e
Created
April 11, 2017 14:50
Easy Metasploit Install on Windows Subsystem for Linux
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Steps to install Metasploit on Windows 10 using the Windows Subsystem for Linux | |
| 1.) Enable Developer Mode | |
| C:\> reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock" /t REG_DWORD /f /v "AllowDevelopmentWithoutDevLicense" /d "1" | |
| 2.) Enable Windows Subsystem for Linux | |
| C:\> DISM /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux | |
| 3.) Reboot |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* SMBLoris attack proof-of-concept | |
| * | |
| * Copyright 2017 Hector Martin "marcan" <[email protected]> | |
| * | |
| * Licensed under the terms of the 2-clause BSD license. | |
| * | |
| * This is a proof of concept of a publicly disclosed vulnerability. | |
| * Please do not go around randomly DoSing people with it. | |
| * | |
| * Tips: do not use your local IP as source, or if you do, use iptables to block |
mattifestation
/ CertTBSHash.ps1
Created
September 7, 2017 01:13
Calculates a ToBeSigned hash of a certificate, producing the same uniquely identifying hash present in code integrity rule sets.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Example: ls 'C:\Windows\System32\*' -Include '*.dll' | Get-AuthenticodeSignature | Select -ExpandProperty SignerCertificate | Get-TBSHash | |
| filter Get-TBSHash { | |
| [OutputType([String])] | |
| param ( | |
| [Parameter(Mandatory, ValueFromPipeline)] | |
| [Security.Cryptography.X509Certificates.X509Certificate2] | |
| $Certificate | |
| ) |
masthoon
/ SystemCMD.cpp
Last active
October 3, 2024 18:16
Launch SYSTEM CMD in user current session (from a service)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include "stdafx.h" | |
| #include <windows.h> | |
| #include <Winbase.h> | |
| #include <Wtsapi32.h> | |
| #include <Userenv.h> | |
| #include <malloc.h> | |
| #pragma comment(lib, "Wtsapi32.lib") | |
| #pragma comment(lib, "Userenv.lib") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import windows | |
| import windows.winproxy | |
| import windows.generated_def as gdef | |
| # List distro: wslconfig /l | |
| class WSLAPIProxy(windows.winproxy.ApiProxy): | |
| APIDLL = "wslapi" | |
| default_error_check = staticmethod(windows.winproxy.no_error_check) |
OlderNewer