This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Sway WM screen + audio recorder | |
| # original author: Aaron D. Fields | |
| # blog post: https://blog.spirotot.com/2017/08/21/a-dirty-hack-to-enable-acceptable-sway-wm-screen-recording/ | |
| # currently error 503 :-( | |
| # | |
| # Updated version: ernierasta | |
| # Repo: https://gist.github.com/ernierasta | |
| # | |
| # Changelog: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| echo -e "\e[97mPlease enter password for Synapse/Matrix root user:\e[0m"; | |
| read -s password | |
| echo -e "\e[97mEnter user you'd like to deactivate\e[0m"; | |
| read user | |
| url_user=`echo -n "$user" | jq -s -R -r @uri` | |
| json=`curl -s --insecure -XPOST -d '{"type":"m.login.password", "user":"root", "password":"'$password'"}' "https://localhost:8448/_matrix/client/r0/login"` | |
| access_token=`echo "$json" | jq -r ".access_token"` |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Please use the package https://github.com/chmike/domain as is it maintained up to date with tests. | |
| // checkDomain returns an error if the domain name is not valid. | |
| // See https://tools.ietf.org/html/rfc1034#section-3.5 and | |
| // https://tools.ietf.org/html/rfc1123#section-2. | |
| func checkDomain(name string) error { | |
| switch { | |
| case len(name) == 0: | |
| return nil // an empty domain name will result in a cookie without a domain restriction | |
| case len(name) > 255: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import requests | |
| import threading | |
| import HTMLParser | |
| from BaseHTTPServer import HTTPServer, BaseHTTPRequestHandler | |
| ''' | |
| Description: Reverse MSSQL shell through xp_cmdshell + certutil for exfiltration | |
| Author: @xassiz | |
| ''' |
r3k2
/ gist:1f6f4afc2de1006de4e56e6e9a7d4b20
Created
March 2, 2018 17:26
— forked from joernchen/gist:3623896
XXE to RCE
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| This turns https://www.sec-consult.com/files/20120626-0_zend_framework_xxe_injection.txt | |
| into a Remote Command Execution: | |
| NOTE: It relies on the PHP expect module being loaded | |
| (see http://de.php.net/manual/en/book.expect.php) | |
| joern@vbox-1:/tmp$ cat /var/www/server.php | |
| <? | |
| require_once("/usr/share/php/libzend-framework-php/Zend/Loader/Autoloader.php"); | |
| Zend_Loader_Autoloader::getInstance(); |
chrisdoman
/ OTX Example API Calls
Created
November 29, 2017 19:18
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| = Examples of how OTX API calls relate different indicator types = | |
| Official documentation is available at https://otx.alienvault.com/api but may be missing a couple of the newer calls | |
| These are some unofficial notes | |
| The API key below is for a dummy demo account. It should work but I would suggest using your own. | |
| Some of the JSON responses are quite nested, and editor such as http://jsoneditoronline.org/ may be useful | |
| == Input: Hostname / Domain == | |
| The following calls can be made for both domains and hostname, ie you can swap 'hostname' with 'domain' below. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/env ruby | |
| # Hispgatos | |
| # by ReK2, Fernandez Chris | |
| # https://keybase.io/cfernandez | |
| # Bruteforce password protected documents hidden inside images | |
| # add you dictionary below to the dic variable | |
| # of course you need to have installed steghide | |
| require 'open3' |
Plazmaz
/ netcat-webserver.sh
Last active
May 7, 2021 02:08
A one-liner for a netcat webserver w/ sane logging
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /bin/bash | |
| sudo bash -c 'while true; do echo "HTTP/1.1 200 OK\n\n" |nc -l -p 80 |egrep -v "Accept" |egrep -v "Content-Length" |egrep -v "Host" |egrep -vi "cache"; done' | |
| # Original (no sudo): | |
| # while true; do echo "HTTP/1.1 200 OK\n\n" |nc -l -p 80 |egrep -v "Accept" |egrep -v "Content-Length" |egrep -v "Host" |egrep -vi "cache"; done | |
| # Raw (Skip filtering header lines): | |
| # sudo bash -c 'while true; do echo "HTTP/1.1 200 OK\n\n" |nc -l -p 80; done' |
HardenedArray
/ Efficient Encrypted UEFI-Booting Arch Installation
Last active
March 18, 2025 17:50
An effcient method to install Arch Linux with encrypted root and swap filesystems and boot from UEFI. Multi-OS, and VirtualBox, UEFI-booting are also supported.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # OBJECTIVE: Install Arch Linux with encrypted root and swap filesystems and boot from UEFI. | |
| # Note this encrypted installation method, while perfectly correct and highly secure, CANNOT support encrypted /boot and | |
| # also CANNOT be subsequently converted to support an encrypted /boot!!! A CLEAN INSTALL will be required! | |
| # Therefore, if you want to have an encrypted /boot or will want an encrypted /boot system at some point in the future, | |
| # please ONLY follow my encrypted /boot installation guide, which lives here: |
darnir
/ NeoMutt colorschemes
Last active
November 2, 2021 08:54
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # for background in 16 color terminal, valid background colors include: | |
| # base03, bg, black, any of the non brights | |
| # style notes: | |
| # when bg=235, that's a highlighted message | |
| # normal bg=233 | |
| # basic colors --------------------------------------------------------- | |
| # color normal brightyellow default | |
| color error color196 color235 # message line error text |
NewerOlder