Magnet links with URL param reges:
magnet:\?xt=urn:[a-zA-Z0-9]+:[a-zA-Z0-9]{32,40}(&dn=.*|&tr=.*)*
Nikita Medvedev nikallass
nikallass
/ Find secrets REGEX.md
Created
January 30, 2023 10:00
nikallass
/ check-smb-v3.11.sh
Created
March 11, 2020 04:57
CVE-2020-0796. Scan HOST/CIDR with nmap script smb-protocols.nse and grep SMB version 3.11.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [ $# -eq 0 ] | |
| then | |
| echo $'Usage:\n\tcheck-smb-v3.11.sh TARGET_IP_or_CIDR' | |
| exit 1 | |
| fi | |
| echo "Checking if there's SMB v3.11 in" $1 "..." | |
| nmap -p445 --script smb-protocols -Pn -n $1 | grep -P '\d+\.\d+\.\d+\.\d+|^\|.\s+3.11' | tr '\n' ' ' | replace 'Nmap scan report for' '@' | tr "@" "\n" | grep 3.11 | tr '|' ' ' | tr '_' ' ' | grep -oP '\d+\.\d+\.\d+\.\d+' |
nikallass
/ rbcd_demo.ps1
Created
January 21, 2020 12:20
— forked from HarmJ0y/rbcd_demo.ps1
Resource-based constrained delegation computer DACL takeover demo
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # import the necessary toolsets | |
| Import-Module .\powermad.ps1 | |
| Import-Module .\powerview.ps1 | |
| # we are TESTLAB\attacker, who has GenericWrite rights over the primary$ computer account | |
| whoami | |
| # the target computer object we're taking over | |
| $TargetComputer = "primary.testlab.local" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # hotkey for prefrences /root/toggle_terminator.sh terminator | |
| # on first start run script manually to install dependencies | |
| # | |
| # This script does this: | |
| # launch an app if it isn't launched yet, | |
| # focus the app if it is launched but not focused, | |
| # minimize the app if it is focused. | |
| # | |
| # by desgua - 2012/04/29 |
nikallass
/ letsencrypt-webroot-apache.md
Created
September 4, 2018 11:47
— forked from daronco/letsencrypt-webroot-apache.md
Letsencrypt with webroot on Apache
Config Apache with /etc/apache2/conf-available/le.conf:
Alias /.well-known/acme-challenge/ "/var/www/html/.well-known/acme-challenge/"
<Directory "/var/www/html/">
AllowOverride None
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
Require method GET POST OPTIONS
</Directory>
nikallass
/ subdomain.rb
Last active
October 13, 2019 21:32
— forked from ehsahil/subdomain.rb
Subdomain OSINT script, running several best tools.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Tools based on a resolver.rb by @melvinsh | |
| #Repository: https://github.com/melvinsh/subresolve | |
| #Modified by @ehsahil for Personal Use. | |
| #Modified by @nikallass for Personal Use. | |
| require 'socket' | |
| require 'colorize' | |
| begin | |
| if ARGV[0] == nil |
nikallass
/ github-recon
Created
July 2, 2018 16:21
— forked from ehsahil/github-recon
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| “Hackme.tld” API_key | |
| “Hackme.tld” secret_key | |
| “Hackme.tld” aws_key | |
| “Hackme.tld” Password | |
| “Hackme.tld” FTP | |
| “Hackme.tld” login | |
| “Hackme.tld” github_token | |
| “Hackme.tld” http:// & https:// | |
| “Hackme.tld” amazonaws | |
| “Hackme.tld” digitaloceanspaces |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [ "$1" == "-h" ] || [ "$1" == "--help" ] || [[ $# -eq 0 ]] | |
| then | |
| me=`basename "$0"` | |
| echo "Find subdomains in PTR-archive http://ptrarchive.com/tools/search.htm?date=ALL&label=example.com" | |
| echo -e "Usage:\n\t./${me} [domain]" | |
| echo -e "Example:\n\t./${me} example.com" | |
| echo -e "\t./${me} -v example.com # Verbose output, includes IPs." | |
| exit 1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| in armitage/armitage.jar | |
| in /scripts/meterpreter.sl | |
| replace line 381: | |
| from: if ($text ismatch '... (.*?):(\d+) - TCP OPEN') { | |
| to: if ($text ismatch '... (.*?): +- \1:(\d+) - TCP OPEN') { | |
nikallass
/ file-browser.jsp
Last active
April 18, 2023 04:32
File browser + cmd JSP shell (win+linux without modification)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <%-- | |
| jsp File browser 1.2.1 | |
| nikallass added OS check, so shell can be executed on Windows and Linux without modifying now. | |
| Copyright (C) 2003-2006 Boris von Loesch | |
| This program is free software; you can redistribute it and/or modify it under | |
| the terms of the GNU General Public License as published by the | |
| Free Software Foundation; either version 2 of the License, or (at your option) | |
| any later version. |
NewerOlder