Skip to content

Instantly share code, notes, and snippets.

View ruevaughn's full-sized avatar

Chase Jensen ruevaughn

71 followers · 263 following
View GitHub Profile
@ruevaughn
ruevaughn / genymotionwithplay.txt
Created October 17, 2021 21:05 — forked from wbroek/genymotionwithplay.txt
Genymotion with Google Play Services for ARM
NOTE: Easier way is the X86 way, described on https://www.genymotion.com/help/desktop/faq/#google-play-services
Download the following ZIPs:
ARM Translation Installer v1.1 (http://www.mirrorcreator.com/files/0ZIO8PME/Genymotion-ARM-Translation_v1.1.zip_links)
Download the correct GApps for your Android version:
Google Apps for Android 6.0 (https://www.androidfilehost.com/?fid=24052804347835438 - benzo-gapps-M-20151011-signed-chroma-r3.zip)
Google Apps for Android 5.1 (https://www.androidfilehost.com/?fid=96042739161891406 - gapps-L-4-21-15.zip)
Google Apps for Android 5.0 (https://www.androidfilehost.com/?fid=95784891001614559 - gapps-lp-20141109-signed.zip)
@ruevaughn
ruevaughn / master_script.sh
Last active October 17, 2021 21:42 — forked from LuD1161/master_script.sh
Master Script to automate all the recon
#!/bin/bash
if [ -z "$2" ]
then
echo "2nd Argument not supplied"
echo "2nd argument can be basic or advanced,it used for nmap"
echo "Usage : ./master_script.sh domain basic|advanced"
echo "Also do set your expo token export expToken=xxxx to receive push notification when this gets completed"
echo "Get your expo token here : https://play.google.com/store/apps/details?id=com.hackingsimplified.notifyme"
exit 1
@ruevaughn
ruevaughn / f5_here_i_come.sh
Created October 17, 2021 21:22 — forked from LuD1161/f5_here_i_come.sh
F5 Slapdash attempt
# Get all the F5 IPs from Shodan | Get script here : https://gist.github.com/LuD1161/2087aea80e8771a4af069c33b4078570
python3 shodan_query.py "http.favicon.hash:-335242539" results_f5.txt | tee -a output.txt
cat output.txt | grep -i "host :" | cut -d":" -f2 | cut -d" " -f2 | httpx -threads 400 -ports 80,443,8443,4443 -silent | nuclei -t cves/CVE-2020-5902.yaml -o results.txt
cut -d" " -f3 results.txt > targets.txt
sed -i -e "s/\.\;/\.\\\;/g" targets.txt # escape semicolon to pass to interlace
interlace -tL ./targets.txt -threads 100 -c "echo _target_; curl --insecure -v _target_ 2>&1 | awk 'BEGIN { cert=0 } /^\* SSL connection/ { cert=1 } /^\*/ { if (cert) print }'" -v | tee -a all_certs.txt
@ruevaughn
ruevaughn / notes-null-talk.txt
Created October 17, 2021 21:23 — forked from LuD1161/notes-null-talk.txt
Notes of Null talk on BadUSB
## Bad USB code
#include "DigiKeyboard.h"
#define WorkingPin 1 // Just as an LED indicator, as to when the work is finished
void setup() {
}
void loop() {
@ruevaughn
ruevaughn / gcp_enum.sh
Created October 17, 2021 21:23 — forked from carnal0wnage/gcp_enum.sh
use the gcloud utilities to enumerate as much access as possible from a GCP service account json file. see blog post: <to insert>
# gcloud auth activate-service-account --key-file=85.json
# gcloud projects list
project="my-project"
space=""
echo "gcloud auth list"
gcloud auth list
echo -e "$space"
@ruevaughn
ruevaughn / recon-by-mentor.sh
Created October 17, 2021 21:26 — forked from yehgdotnet/recon-by-mentor.sh
CyberMentor's Recon script - https://pastebin.com/raw/MhE6zXVt by Heath Adams
#!/bin/bash
url=$1
if [ ! -d "$url" ];then
mkdir $url
fi
if [ ! -d "$url/recon" ];then
mkdir $url/recon
fi
# if [ ! -d '$url/recon/eyewitness' ];then
# mkdir $url/recon/eyewitness
@ruevaughn
ruevaughn / scanio.sh
Created October 17, 2021 21:57 — forked from haccer/scanio.sh
PoC script to mass-locate vulnerable subdomains using results from Rapid7's Project Sonar
#!/bin/bash
# Usage : ./scanio.sh <save file>
# Example: ./scanio.sh cname_list.txt
# Premium
function ech() {
spinner=( "|" "/" "-" "\\" )
while true; do
for i in ${spinner[@]}; do
echo -ne "\r[$i] $1"
@ruevaughn
ruevaughn / androidmenu.sh
Created October 17, 2021 22:50 — forked from jmingov/androidmenu.sh
#!/bin/bash
# Modified to include menu system
# Kernel Development requires Kali 64bit host
# Configure the build environment
DEBUG=0 # Valid values are 0 or 1, with 1 being enabled
LOCALGIT=0
FROZENKERNEL=0
######### Dependencies #######
@ruevaughn
ruevaughn / prepare-kali.sh
Created October 17, 2021 22:50 — forked from mgeeky/prepare-kali.sh
A script that prepares Kali by collecting many useful tools of trade in /root/tools directory, installing requirements, seting them up, preparing .bashrc etc.
#!/bin/bash
# Well, entire Kali installation assume that we are normally working as root on our Kali.
# I know that assumption sucks to its root, but I wanted to avoid every "permission denied" issue and I was too lazy
# to get it done properly as a non-root.
if [ $EUID -ne 0 ]; then
echo "This script must be run as root."
exit 1
fi
@ruevaughn
ruevaughn / github_bugbountyhunting.md
Created October 17, 2021 22:53 — forked from EdOverflow/github_bugbountyhunting.md
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output