Cheatsheet for HackTheBox with common things to do while solving these CTF challenges.
Because a smart man once said:
Never google twice.
Matthew Conway mattreduce
☕
chronos2810
/ Radare2_cheatsheet.notes
Created
May 10, 2020 16:27
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ██▀███ ▄▄▄ ▓█████▄ ▄▄▄ ██▀███ ▓█████ | |
| ▓██ ▒ ██▒▒████▄ ▒██▀ ██▌▒████▄ ▓██ ▒ ██▒▓█ ▀ | |
| ▓██ ░▄█ ▒▒██ ▀█▄ ░██ █▌▒██ ▀█▄ ▓██ ░▄█ ▒▒███ | |
| ▒██▀▀█▄ ░██▄▄▄▄██ ░▓█▄ ▌░██▄▄▄▄██ ▒██▀▀█▄ ▒▓█ ▄ | |
| ░██▓ ▒██▒ ▓█ ▓██▒░▒████▓ ▓█ ▓██▒░██▓ ▒██▒░▒████▒ | |
| ░ ▒▓ ░▒▓░ ▒▒ ▓▒█░ ▒▒▓ ▒ ▒▒ ▓▒█░░ ▒▓ ░▒▓░░░ ▒░ ░ | |
| ░▒ ░ ▒░ ▒ ▒▒ ░ ░ ▒ ▒ ▒ ▒▒ ░ ░▒ ░ ▒░ ░ ░ ░ | |
| ░░ ░ ░ ▒ ░ ░ ░ ░ ▒ ░░ ░ ░ |
0xdabbad00
/ AWSExposedCredentialPolicy_DO_NOT_REMOVE
Created
April 10, 2020 18:34
Copy of AWSExposedCredentialPolicy_DO_NOT_REMOVE sent to me by someone
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Deny", | |
| "Action": [ | |
| "iam:UpdateAccessKey", | |
| "ec2:RequestSpotInstances", | |
| "organizations:InviteAccountToOrganization", | |
| "lightsail:DownloadDefaultKeyPair", |
knightsc
/ CoreServicesUIAgentClient.m
Created
December 24, 2019 16:49
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // | |
| // main.m | |
| // | |
| // Created by Scott Knight on 12/12/19. | |
| // Copyright © 2019 Scott Knight. All rights reserved. | |
| // | |
| #import <Foundation/Foundation.h> | |
| #import <os/log.h> |
theevilbit
/ inject.c
Last active
December 16, 2024 03:57
DYLD_INSERT_LIBRARIES DYLIB injection in macOS / OSX deep dive
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <syslog.h> | |
| #include <stdlib.h> | |
| __attribute__((constructor)) | |
| static void customConstructor(int argc, const char **argv) | |
| { | |
| setuid(0); | |
| system("id"); | |
| printf("Hello from dylib!\n"); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <sys/stat.h> | |
| #include <unistd.h> | |
| #include <mach/mach.h> | |
| #include <mach/mach_vm.h> | |
| #include <dlfcn.h> | |
| #include <objc/runtime.h> | |
ThomasObenaus
/ minimal.nomad
Created
January 6, 2019 10:57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| job "fail-service" { | |
| datacenters = ["public-services"] | |
| type = "service" | |
| group "fail-service" { | |
| count = 1 | |
| task "fail-service" { | |
| driver = "docker" |
api0cradle
/ windows_privesc
Created
August 29, 2018 17:56
— forked from sckalath/windows_privesc
Windows Privilege Escalation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // What system are we connected to? | |
| systeminfo | findstr /B /C:"OS Name" /C:"OS Version" | |
| // Get the hostname and username (if available) | |
| hostname | |
| echo %username% | |
| // Get users | |
| net users | |
| net user [username] |
This is an incomplete, ever-changing curated list of content to assist people into the worlds of Data Science and Machine Learning. If you have a recommendation for something to add, please let me know. If something isn't here, it doesn't mean I don't recommend it, I just may not have had a chance to review it yet or not.
I will generally list things in order of easier to more formal/challenging content.
It may feel like there is an overwhelming amount of stuff for you to learn (because there is). But, there is a guided path that will get you there in time. You need to focus on Linear Algebra, Calculus, Statistics and probably Python (or R). Your best bet is to get a Safari Books Online account (https://www.safaribooksonline.com) which you may already have access to through school or work. If not, it is a reasonable way to get access to a tremendous number of books and videos.
I'm not saying you will get what you need out of everything here, but I have read/watched at least some of all of the following an
staaldraad
/ uid_awk.sh
Created
December 12, 2017 14:06
Get the uid, gid and user groups without touching /etc/passwd or running the `id` command
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| awk -F: 'END {print "uid:"u" gid:"g" groups:"gg}{if($1=="Uid"){split($2,a," ");u=a[1]}if($1=="Gid"){split($2,a," ");g=a[1]}if($1=="Groups"){gg=$2}}' /proc/self/status |