Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.
$ python -m SimpleHTTPServer 8000
mgeeky
/ all.txt
Created
January 6, 2019 19:55
— forked from jhaddix/all.txt
all wordlists from every dns enumeration tool... ever. Please excuse the lewd entries =/
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| . | |
| .. | |
| ........ | |
| @ | |
| * | |
| *.* | |
| *.*.* | |
| 🎠|
mgeeky
/ web-servers.md
Created
January 16, 2019 12:18
— forked from willurd/web-servers.md
Big list of http static server one-liners
mgeeky
/ burpscript.py
Created
January 16, 2019 16:08
— forked from mwielgoszewski/burpscript.py
This extension registers an IHttpListener configured to execute a custom script editable via the Script tab added to Burp. The script is executed in the context with the following global and local variables (extender, callbacks, helpers, toolFlag, messageIsRequest, messageInfo).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from java.awt import Font | |
| from javax.swing import JScrollPane, JTextPane | |
| from javax.swing.text import SimpleAttributeSet | |
| from burp import IBurpExtender, IExtensionStateListener, IHttpListener, ITab | |
| import base64 | |
| import traceback | |
mgeeky
/ gist:ad854f3e2418ca378770abdc054859d5
Created
January 26, 2019 10:35
— forked from carnal0wnage/gist:606c41ac6ec40bf5c69d4db96d9312e3
Red Team Books
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| From: http://redteams.net/bookshelf/ | |
| Techie | |
| Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp. | |
| Social Engineering: The Art of Human Hacking by Christopher Hadnagy | |
| Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam | |
| The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick | |
| Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others. | |
| Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor | |
| The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors |
mgeeky
/ Rulz.py
Last active
January 28, 2019 09:13
— forked from monoxgas/Rulz.py
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # Rulz.py | |
| # Author: Nick Landers (@monoxgas) - Silent Break Security | |
| import os | |
| import sys | |
| import argparse | |
| import re | |
| import binascii | |
| import codecs |
mgeeky
/ ajnasz-blue.ini
Created
January 30, 2019 12:07
— forked from Ajnasz/ajnasz-blue.ini
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [skin] | |
| description=Ajnasz Blue Theme. Midnight Commander skin from Ajnasz. | |
| [Lines] | |
| horiz=─ | |
| vert=│ | |
| lefttop=┌ | |
| righttop=┐ | |
| leftbottom=└ | |
| rightbottom=┘ |
mgeeky
/ ExcelXLL.md
Created
February 5, 2019 22:43
— forked from ryhanson/ExcelXLL.md
Execute a DLL via .xll files and the Excel.Application object's RegisterXLL() method
A DLL can be loaded and executed via Excel by initializing the Excel.Application COM object and passing a DLL to the RegisterXLL method. The DLL path does not need to be local, it can also be a UNC path that points to a remote WebDAV server.
When delivering via WebDAV, it should be noted that the DLL is still written to disk but the dropped file is not the one loaded in to the process. This is the case for any file downloaded via WebDAV, and they are stored at: C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\TfsStore\Tfs_DAV\.
The RegisterXLL function expects an XLL add-in which is essentially a specially crafted DLL with specific exports. More info on XLL's can be found on MSDN
The XLL can also be executed by double-clicking the .xll file, however there is a security warning. @rxwx has more notes on this here inc
mgeeky
/ cobaltstrike_sa.txt
Created
February 28, 2019 09:38
— forked from HarmJ0y/cobaltstrike_sa.txt
Cobalt Strike Situational Awareness Commands
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Windows version: | |
| reg query x64 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion | |
| Users who have authed to the system: | |
| ls C:\Users\ | |
| System env variables: | |
| reg query x64 HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment | |
| Saved outbound RDP connections: |
mgeeky
/ pre-commit
Created
March 6, 2019 14:34
— forked from saliceti/pre-commit
Git pre-commit hook to check for AWS keys
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # Install globally using https://coderwall.com/p/jp7d5q/create-a-global-git-commit-hook | |
| # The checks are simple and can give false positives. Amend the hook in the specific repository. | |
| if git rev-parse --verify HEAD >/dev/null 2>&1 | |
| then | |
| against=HEAD | |
| else | |
| # Initial commit: diff against an empty tree object |
mgeeky
/ aws cli cheatsheet.md
Created
March 12, 2019 14:23
— forked from apolloclark/aws cli cheatsheet.md