Antti Virtanen lokori

@lokori
lokori / mandros.py
Created January 14, 2019 07:04 — forked from xassiz/mandros.py
Reverse MSSQL shell
import sys
import requests
import threading
import HTMLParser
from BaseHTTPServer import HTTPServer, BaseHTTPRequestHandler
'''
Description: Reverse MSSQL shell through xp_cmdshell + certutil for exfiltration
Author: @xassiz
'''
@lokori
lokori / .bash_profile
Created October 17, 2018 18:26
The good prompt from the bash profile. Line wrapping issues. Needs git-complete. Nice prompt
# start at home
cd ~
ln -sfv /usr/local/opt/redis/*.plist ~/Library/LaunchAgents
ln -sfv /usr/local/opt/mysql56/*.plist ~/Library/LaunchAgents
export PATH=./node_modules/.bin:$PATH
@lokori
lokori / getdomains.sh
Last active September 17, 2018 11:00 — forked from woltage/getdomains.sh
Script that fetches all .fi domain names owned by a company, looked up by its business ID (Y-tunnus). (original https://gist.github.com/woltage/5b7a744f9562b9348c90c6e0d038d92a)
#!/bin/bash
## Business ID (Y-tunnus) based domain lookup (.fi)
## Example: getdomains 1093944-1 # MTV Oy
# Put this in .bashrc or .zshrc
# Usage examples:
# Loop through all domains of the business ID and run a query
<!DOCTYPE html>
<html>
<head>
<title>Copy-Paste from Website to Terminal</title>
</head>
<style>
.codeblock {
background-color: lightyellow;
border: 1px dotted blue;
margin-left: 50px;
@lokori
lokori / xml-attacks.md
Created December 11, 2017 20:46 — forked from mgeeky/xml-attacks.md
XML Vulnerabilities and Attacks cheatsheet

XML Vulnerabilities

XML processing modules may not be secure against maliciously constructed data. An attacker could abuse XML features to carry out denial of service attacks, access logical files, generate network connections to other machines, or circumvent firewalls.

A penetration tester running XML tests against an application has to determine which XML parser is in use, and then which of the attacks listed below that parser is vulnerable to.


@lokori
lokori / zap_cli_scan.sh
Created October 31, 2017 12:14 — forked from ian-bartholomew/zap_cli_scan.sh
script to run owasp zap cli
#!/bin/sh
DOCKER=`which docker`
IMAGE='owasp/zap2docker-weekly'
URL='https://www.example.com'
ZAP_API_PORT='8090'
# Start our container
CONTAINER_ID=`$DOCKER run -d \
-p $ZAP_API_PORT:$ZAP_API_PORT \
@lokori
lokori / awsenv.sh
Last active November 25, 2017 20:51 — forked from woowa-hsw0/assume_role.sh
Start AWS CLI Session with MFA Enabled (+Yubikey)
#!/bin/bash
# Original: https://gist.github.com/woowa-hsw0/caa3340e2a7b390dbde81894f73e379d
set -eu
umask 0022
TMPDIR=$(mktemp -d awsenv)
echo "TEMPDIR $TMPDIR"

How to pass the OSCP

  1. Recon
  2. Find vuln
  3. Exploit
  4. Document it

Recon

Unicornscans in cli, nmap in msfconsole to help store loot in database.

@lokori
lokori / MailinatorAliases
Created January 4, 2017 19:44 — forked from nocturnalgeek/MailinatorAliases
A list of alternate domains that point to @mailinator.com