nullenc0de
nullenc0de
/ init_recon.sh
Last active
January 25, 2025 18:09
Reconnaissance automation script that combines multiple tools for thorough target scanning.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Function to display usage/help information | |
| show_help() { | |
| cat << EOF | |
| Usage: $(basename "$0") [-h] [-i INPUT] | |
| Reconnaissance automation script that combines multiple tools for thorough target scanning. | |
| Options: |
nullenc0de
/ exposed-pki-infrastructure.yaml
Created
December 5, 2024 20:39
Exposed Internal PKI Infrastructure Detection nuclei template
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: exposed-pki-infrastructure | |
| info: | |
| name: Exposed Internal PKI Infrastructure Detection | |
| author: nullenc0de | |
| severity: critical | |
| description: Detects exposed internal PKI infrastructure including CRL distribution points and OCSP responders | |
| tags: pki,exposure,misconfig | |
| requests: | |
| - method: GET |
nullenc0de
/ dll_hijack_hunter
Created
November 8, 2024 17:20
netexec smb TARGET -u ADMIN -p PASS -M dll_hijack_hunter -o CHECK_PERMISSIONS=True EXPORT_RESULTS=True OUTPUT_FILE=results.json
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from typing import List, Dict, Optional | |
| import os | |
| import json | |
| from datetime import datetime | |
| import threading | |
| from queue import Queue | |
| from nxc.helpers.logger import highlight | |
| import re | |
| class ServiceInfo: |
nullenc0de
/ task_explorer
Created
November 8, 2024 17:18
netexec smb TARGET -u ADMIN -p PASS -M task_explorer -o EXPORT_XML=True OUTPUT_DIR=./tasks SCAN_CREDS=True
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from datetime import datetime | |
| import xml.etree.ElementTree as ET | |
| from typing import List, Dict, Optional | |
| import os | |
| import re | |
| from impacket.dcerpc.v5.dcom.wmi import WBEMSTATUS | |
| from nxc.helpers.logger import highlight | |
| class TaskVulnerability: | |
| def __init__(self, name: str, path: str, command: str, author: str, |
nullenc0de
/ sensitive_search
Created
November 8, 2024 17:16
netexec smb TARGET -u USER -p PASS -M sensitive_search -o MAX_DEPTH=5 EXTENSIONS=.txt,.log,.config OUTPUT_FILE=findings.json
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from datetime import datetime | |
| from typing import List, Dict | |
| import re | |
| from nxc.helpers.logger import highlight | |
| from concurrent.futures import ThreadPoolExecutor, as_completed | |
| import json | |
| class NXCModule: | |
| name = "sensitive_search" | |
| description = "Search for files containing sensitive data patterns in shares with custom regex support" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # NetExec Runbook | |
| ## No Authentication (Anonymous) | |
| ### NFS Enumeration | |
| ```bash | |
| netexec nfs TARGET_HOST -u "" -p "" --shares | |
| netexec nfs TARGET_HOST -u "" -p "" --enum-shares | |
| ``` |
nullenc0de
/ prototype-pollution-gadget-detector.yaml
Created
October 25, 2024 16:19
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| id: prototype-pollution-gadget-detector | |
| info: | |
| name: Prototype Pollution Gadget Detector | |
| author: nullenc0de | |
| severity: high | |
| description: | | |
| Detects potential prototype pollution gadgets in web applications that could lead to SSRF, RCE or information disclosure. | |
| # References for the issue | |
| reference: |
nullenc0de
/ services.json
Last active
October 24, 2024 13:05
misconfig-mapper -target "canva" -service "*" -headers "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" -delay 1000 -timeout 10000 |grep "Service:"
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| { | |
| "id": 0, | |
| "request": { | |
| "method": "GET", | |
| "baseURL": "https://{TARGET}.atlassian.net", | |
| "path": [ | |
| "/secure/Signup!default.jspa" | |
| ], | |
| "body": null |
nullenc0de
/ openapi_summary.py
Created
September 23, 2024 18:12
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import json | |
| import sys | |
| from collections import Counter | |
| def analyze_openapi_spec(spec): | |
| endpoint_count = 0 | |
| request_count = 0 | |
| endpoints = [] | |
| method_counts = Counter() | |
| parameter_counts = Counter() |
nullenc0de
/ CVE-2024-38063.py
Created
August 16, 2024 14:02
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class IPv6Packet: | |
| def __init__(self, main_header_length, extension_headers): | |
| self.main_header_length = main_header_length | |
| self.extension_headers = extension_headers | |
| def process_packet(packet): | |
| total_length = packet.main_header_length | |
| # Vulnerable loop: doesn't check for integer underflow | |
| for header_length in packet.extension_headers: |