Skip to content

Instantly share code, notes, and snippets.

View shekkbuilder's full-sized avatar

shekk shekkbuilder

147 followers · 777 following
View GitHub Profile
@shekkbuilder
shekkbuilder / ssltest.py
Created April 8, 2014 21:28 — forked from sh1n0b1/ssltest.py
#!/usr/bin/python
# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford ([email protected])
# The author disclaims copyright to this source code.
import sys
import struct
import socket
import time
import select
@shekkbuilder
shekkbuilder / README.md
Last active August 29, 2015 14:11 — forked from hofmannsven/README.md
@shekkbuilder
shekkbuilder / httpshell.md
Last active August 29, 2015 14:17

This article can also be found in Hack in the Box Magazine

##0x00 Abstract## Discretion is a necessity when performing a penetration test. The job is to test a network's defenses as well as the security team's ability to detect and respond to an incident, while being as discrete as possible. Neohapsis Labs looked into the obstacles and solutions for developing a communication channel with a device residing in a protected and monitored network. This paper will discuss these findings. A new tool demonstrating some of these techniques will also be discussed. This paper will also speculate as to defensive solutions for such threats.

##Table of Contents##

  • 0x01 -- Introduction
  • 0x02 -- Attacks and Defenses
  • 0x02.01 -- Network Address Translation / Port Address Translation (NAT/PAT)
  • 0x02.02 -- Ingress Port Filtering
@shekkbuilder
shekkbuilder / README.md
Last active August 29, 2015 14:18 — forked from hofmannsven/README.md
@shekkbuilder
shekkbuilder / wiki.php
Last active August 29, 2015 14:18 — forked from thedouglenz/wiki.php
#!/usr/bin/env php
<?php
/*
* A program to grab a quick summary of some topic from Wikipedia.
* Usage: wiki <subject>
*
* subject can contain spaces if, for example, it is more than one word.
* Examples
* `wiki cherry bomb`
* `wiki Hercules`
@shekkbuilder
shekkbuilder / gist:1e8c33fc093dcf8142b2
Last active August 29, 2015 14:20 — forked from eatonphil/gist:7d57257f65673b343441
{
{I have|I’ve} been {surfing|browsing} online more than {three|3|2|4} hours today, yet
I never found any interesting article like yours. {It’s|It is}
pretty worth enough for me. {In my opinion|Personally|In my view},
if all {webmasters|site owners|website owners|web owners} and bloggers made good content as you did, the {internet|net|web} will be {much more|a lot more} useful than ever before.|
I {couldn’t|could not} {resist|refrain from} commenting.
{Very well|Perfectly|Well|Exceptionally well} written!|
{I will|I’ll} {right away|immediately} {take hold of|grab|clutch|grasp|seize|snatch} your {rss|rss feed} as I {can not|can’t} {in finding|find|to find} your {email|e-mail} subscription {link|hyperlink} or {newsletter|e-newsletter} service.
Do {you have|you’ve} any? {Please|Kindly} {allow|permit|let} me {realize|recognize|understand|recognise|know} {so that|in order that} I {may
just|may|could} subscribe. Thanks.|
@shekkbuilder
shekkbuilder / httpshell.md
Last active August 29, 2015 14:22

This article can also be found in Hack in the Box Magazine

##0x00 Abstract## Discretion is a necessity when performing a penetration test. The job is to test a network's defenses as well as the security team's ability to detect and respond to an incident, while being as discrete as possible. Neohapsis Labs looked into the obstacles and solutions for developing a communication channel with a device residing in a protected and monitored network. This paper will discuss these findings. A new tool demonstrating some of these techniques will also be discussed. This paper will also speculate as to defensive solutions for such threats.

##Table of Contents##

  • 0x01 -- Introduction
  • 0x02 -- Attacks and Defenses
  • 0x02.01 -- Network Address Translation / Port Address Translation (NAT/PAT)
  • 0x02.02 -- Ingress Port Filtering
@shekkbuilder
shekkbuilder / sh_env_var_opts.sh
Last active August 29, 2015 14:23 — forked from KylePDavis/sh_env_var_opts.sh
#!/bin/bash -e
# A SHORT DESCRIPTION OF YOUR SCRIPT GOES HERE
# USAGE:
# DESCRIPTION OF ENV VARS HERE
###############################################################################
set -e # exit on command errors (so you MUST handle exit codes properly!)
set -o pipefail # capture fail exit codes in piped commands
#set -x # execution tracing debug messages
# Get command info
@shekkbuilder
shekkbuilder / Documentation.md
Last active August 29, 2015 14:24 — forked from KartikTalwar/Documentation.md

The fastest remote directory rsync over ssh archival I can muster (40MB/s over 1gb NICs)

This creates an archive that does the following:

rsync (Everyone seems to like -z, but it is much slower for me)

  • a: archive mode - rescursive, preserves owner, preserves permissions, preserves modification times, preserves group, copies symlinks as symlinks, preserves device files.
  • H: preserves hard-links
  • A: preserves ACLs
@shekkbuilder
shekkbuilder / rpm-spec-reference.sh
Last active August 29, 2015 14:24 — forked from parzonka/rpm-spec-reference.sh
# do not rely on specific architecture
BuildArch: noarch
# suppress automatic detection of requirements
AutoReqProv: no