Skip to content

Instantly share code, notes, and snippets.

View seajaysec's full-sized avatar

Chris Farrell seajaysec

90 followers · 24 following
View GitHub Profile
@Flangvik
Flangvik / gist:3c02bae70e6d34d542783d07c8cbe584
Last active December 8, 2024 21:33
S4USelf_ZeroToHero.py
import sys
import os
import argparse
import getpass
import logging
import subprocess
import shlex
import base64
# Needs to PKINITtools have by @_dirkjan installed / be ran in the same directory
@micahvandeusen
micahvandeusen / PetitPotam.py
Created August 11, 2021 14:41
PetitPotam.py modified to use EfsRpcDecryptFileSrv not EfsRpcOpenFileRaw
#!/usr/bin/env python
#
# Author: GILLES Lionel aka topotam (@topotam77)
# Modified by: Micah Van Deusen (@micahvandeusen)
# Greetz : grenadine(@Greynardine), skar(@__skar), didakt(@inf0sec1), plissken, pixis(@HackAndDo), shutd0wn(@ _nwodtuhs)
# "Most of" the code stolen from dementor.py from @3xocyte ;)
import sys
import argparse
@nullenc0de
nullenc0de / apk_params.txt
Last active March 23, 2022 20:49
MD
TermUrl
a
adjust_campaign
alternatives
amount
app
app_id
appname
avoid
@nullenc0de
nullenc0de / apk_relative_links.txt
Created August 13, 2021 00:07
@tothi
tothi / usbgadget_razer.sh
Created August 22, 2021 09:52
Razer USB gadget on Android for Local Privilege Escalation on Windows
# MINIMAL USB gadget setup using CONFIGFS for simulating Razer Gaming HID
# devices for triggering the vulnerable Windows Driver installer
# credits for the Windows Driver install vuln: @j0nh4t
#
# https://twitter.com/j0nh4t/status/1429049506021138437
# https://twitter.com/an0n_r0/status/1429263450748895236
#
# the script was developed & tested on Android LineageOS 18.1
@snovvcrash
snovvcrash / GetZip.py
Last active February 8, 2023 13:56
Exfiltrate LSASS dump over TCP
#!/usr/bin/env python3
# Usage: GetZip.py 0.0.0.0 1337 [--xor 255] --md5 --parse
# Requirements: pip3 install tqdm pypykatz
import os
import socket
import zipfile
import hashlib
from argparse import ArgumentParser
@byt3bl33d3r
byt3bl33d3r / log4j_rce_check.py
Created December 10, 2021 06:02
Python script to detect if an HTTP server is potentially vulnerable to the log4j 0day RCE (https://www.lunasec.io/docs/blog/log4j-zero-day/)
#! /usr/bin/env python3
'''
Needs Requests (pip3 install requests)
Author: Marcello Salvati, Twitter: @byt3bl33d3r
License: DWTFUWANTWTL (Do What Ever the Fuck You Want With This License)
This should allow you to detect if something is potentially exploitable to the log4j 0day dropped on December 9th 2021.
@bugbountynights
bugbountynights / log4j-keywords
Last active September 7, 2024 08:39
${ctx:loginId}
${map:type}
${filename}
${date:MM-dd-yyyy}
${docker:containerId}
${docker:containerName}
${docker:imageName}
${env:USER}
${event:Marker}
${mdc:UserId}
@cfreshman
cfreshman / wordle-answers-alphabetical.txt
Last active May 7, 2025 03:21
Original Wordle answers from source code in alphabetical order. And if you write a solver, here's a leaderboard! https://freshman.dev/wordle/leaderboard Additional allowed guesses: https://gist.github.com/cfreshman/cdcdf777450c5b5301e439061d29694c
aback
abase
abate
abbey
abbot
abhor
abide
abled
abode
abort
@tothi
tothi / nmap-http-url.py
Last active September 9, 2024 17:39
Generate HTTP URLs from Nmap XML (and optionally use VirtualHosts)
#!/usr/bin/env python3
#
# inputs: nmap.xml (nmap scan xml output), subdomains.csv (optional virtualhost info, hostname + ip address csv file)
# output: url listing (useful for tools like EyeWitness)
#
# sample usage: ./nmap-http-url.py nmap.xml subdomains.csv | sort -u | gowitness file -f -
#
description = '''
Generate HTTP URLs from Nmap XML (and optionally additional VirtualHost listing, taken from e.g. subdomain enumeration).