@Spix0r
Spix0r / 403-Bypass-Headers-List.txt
Created October 3, 2024 15:24
I’ve analyzed numerous tools, blogs, tweets, and other resources on bypassing 403 Forbidden errors using HTTP Headers Fuzzing techniques. After extensive research, I’ve compiled a list of headers you can fuzz to potentially bypass 403 restrictions.
Allow: CONNECT
Allow: GET
Allow: HEAD
Allow: POST
Allow: TRACE
Client-IP: 0
Client-IP: 0177.0000.0000.0001
Client-IP: 0x7F000001
Client-IP: 10.0.0.0
Client-IP: 10.0.0.1
@daniruiz
daniruiz / ld_library_path_exploit.sh
Last active November 3, 2024 15:38
Script that automatically generates malicious library and exploits binary through LD_LIBRARY_PATH Hijacking. The script generates the list of missing symbols, based on the specified library, and creates the version-script map file to avoid error messages when loading the newly created malicious library.
#!/bin/sh
# ./ld_path_exploit.sh /usr/lib/libgpg-error.so.0 top
TARGET_LIB=$1
MISSING_SYMBOLS="$(readelf -s --wide ${TARGET_LIB} \
| grep 'FUNC\|OBJECT' \
| grep -v 'UND\|ABS' \
| awk '{print $8}' \

Install FlareVM on Windows 10 VM Machine

Credit to Flare VM for the script.

This gist is to pick a former version of the install script and have it installed successfully on a Windows 10 x64 1809 VM machine because the latest one doesn't work.

Note: FLARE VM should ONLY be installed on a virtual machine!

  • Prepare a Windows 10+ virtual machine
  • FLARE VM has been tested on Windows 10 1809 x64 and 20H2
@0prrr
0prrr / All-Red-Teaming.md
Last active March 4, 2025 05:50
Red Team Reading...
  • AAD
  • Active Directory
  • Cloud
  • Cobalt Strike / Aggressor Scripts
  • Recon
  • UAC
  • Metasploit
  • Infrastructure
  • SMB
  • VBA
@ruevaughn
ruevaughn / 1_top+hacker_methodologies.md
Last active June 16, 2025 04:21
Hacker Methodologies & Tools (NEW)

The Top Hacker Methodologies & Tools Notes

Nuclei Templates

Concrete5 CMS : Identification, Mass Hunting, Nuclei Template Writing & Reporting


@Rugby-Ball
Rugby-Ball / OpenSSL-Commands.md
Created March 16, 2022 22:09
A list of OpenSSL commands for converting PEM and PFX files for use with SSL certs #OpenSSL #Utility #Markdown #SSL_Certificate #Public

OpenSSL commands

Converting PFX to individual PEM files.

If you want to separate the individual PEM files out of the PFX file, follow the steps below to get the three files.

  1. Private Key (.key)
  2. Certificate Body (.pem or .crt)
  3. CA Cert (.cer).

Private key extraction

CLSID,ClassName
{0000031A-0000-0000-C000-000000000046},CLSID
{0000002F-0000-0000-C000-000000000046},CLSID CLSID_RecordInfo
{00000100-0000-0010-8000-00AA006D2EA4},CLSID DAO.DBEngine.36
{00000101-0000-0010-8000-00AA006D2EA4},CLSID DAO.PrivateDBEngine.36
{00000103-0000-0010-8000-00AA006D2EA4},CLSID DAO.TableDef.36
{00000104-0000-0010-8000-00AA006D2EA4},CLSID DAO.Field.36
{00000105-0000-0010-8000-00AA006D2EA4},CLSID DAO.Index.36
{00000106-0000-0010-8000-00AA006D2EA4},CLSID DAO.Group.36
{00000107-0000-0010-8000-00AA006D2EA4},CLSID DAO.User.36
@yezz123
yezz123 / Exploitation.md
Created May 24, 2021 12:09
Pentesting-Exploitation
##################################################
# Extra tools
# $ sudo apt install -y kali-linux-default bloodhound bloodhound-ce-python chisel chisel-common-binaries dirsearch enum4linux-ng feroxbuster goshs grc iputils-ping mssqlpwner nishang peass powercat rlwrap rubeus seclists sharphound shellter sshpass
# urlencode:
# $ sudo apt install gridsite-clients
# csharp:
# $ sudo apt install mono-csharp-shell mono-mcs
# Install flatpak
# -> https://www.kali.org/docs/tools/flatpak/
# Python2 pip