Skip to content

Instantly share code, notes, and snippets.

View swarupsro's full-sized avatar
🌴
On vacation

Swarup Saha swarupsro

🌴
On vacation
184 followers · 783 following
View GitHub Profile
@swarupsro
swarupsro / dirdumper.sh
Created December 3, 2020 10:04
Directory Dumper
#!/bin/bash
for dirname in $(find . | sed -e "s/[^-][^\/]*\// |/g" -e "s/|\([^ ]\)/|-\1/")
do
echo "$dirname" >> dirdump.txt
done
@swarupsro
swarupsro / OpenVPN Extractor.md
Last active April 6, 2020 19:54 — forked from seebk/README.md
Extract embedded certificates and keys from OpenVPN config files

This python script is intended to automate the extraction of embedded certificates and keys from OpenVPN config files.

Unfortunately the GNOME Network-Manager is not able to automatically import OpenVPN config files with embedded certificates and keys. A workaround is to manually extract these and store them in separate files (e.g. see https://naveensnayak.wordpress.com/2013/03/04/ubuntu-openvpn-with-ovpn-file/).

Instructions:

  • Make shure all the required packages are installed. For example on Ubuntu and Debian run:

    $ sudo apt-get install python3 network-manager-openvpn-gnome

@swarupsro
swarupsro / gist:36e95b9609006611cfcccd89adf1424e
Created March 17, 2020 06:02 — forked from asolino/gist:45095268f0893bcf08bca3ae68a755b2
#!/usr/bin/env python
import argparse
import string
import sys
from impacket import nmb
from impacket.smb3 import SMB2_COMPRESSION_TRANSFORM_HEADER, SMB3, SMB2_DIALECT_311, SMB2_NEGOTIATE_SIGNING_REQUIRED, \
SMB2_NEGOTIATE_SIGNING_ENABLED, STATUS_SUCCESS, SMB2_DIALECT_30, \
SMB2_GLOBAL_CAP_ENCRYPTION, SMB2_DIALECT_WILDCARD, SMB2Negotiate_Response, SMB2_NEGOTIATE, \
SMB2Negotiate, SMB311ContextData, SMB2NegotiateContext, SMB2_PREAUTH_INTEGRITY_CAPABILITIES, \
@swarupsro
swarupsro / dorks.txt
Created March 13, 2020 04:01 — forked from abdelhady360/dorks.txt
List of Google Dorks for sites that have responsible disclosure program / bug bounty program
inurl /bug bounty
inurl : / security
inurl:security.txt
inurl:security "reward"
inurl : /responsible disclosure
inurl : /responsible-disclosure/ reward
inurl : / responsible-disclosure/ swag
inurl : / responsible-disclosure/ bounty
inurl:'/responsible disclosure' hoodie
responsible disclosure swag r=h:com
@swarupsro
swarupsro / hacker_howto.md
Created November 8, 2019 20:09 — forked from dalenunns/hacker_howto.md
A list of resources on how to be a hacker/pentester/security person - from #infosec on zatech.slack.com

Howto be a Hacker/Pentester/Security person - List of resources

I've just stolen HypnZA list of suggested links and added a few others by various people. (Please feel free to send me other links/info you think might be useful to add.)

HypnZA's commonly shared list (in the correct order):

  1. https://www.hacksplaining.com
  2. https://pentesterlab.com/exercises/web_for_pentester and https://pentesterlab.com/exercises/web_for_pentester_II
  3. Watch Ippsec's HackTheBox videos from oldest to newest, but attempt the box in the video before watching the video (requires a paid hackthebox account to access the machines in the videos)
@swarupsro
swarupsro / docker-destroy-all.sh
Created June 23, 2019 16:57 — forked from JeffBelback/docker-destroy-all.sh
Destroy all Docker Containers and Images
#!/bin/bash
# Stop all containers
containers=`docker ps -a -q`
if [ -n "$containers" ] ; then
docker stop $containers
fi
# Delete all containers
containers=`docker ps -a -q`
if [ -n "$containers" ]; then
docker rm -f -v $containers
@swarupsro
swarupsro / linux_privesc
Created March 11, 2019 10:35 — forked from sckalath/linux_privesc
Linux Privilege Escalation Techniques
// Determine linux distribution and version
cat /etc/issue
cat /etc/*-release
cat /etc/lsb-release
cat /etc/redhat-release
// Determine kernel version - 32 or 64-bit?
cat /proc/version
uname -a
uname -mrs
@swarupsro
swarupsro / office2016.cmd
Created February 22, 2019 09:14
@echo off
title Activate Microsoft Office 2016 ALL versions for FREE!&cls&echo ============================================================================&echo #Project: Activating Microsoft software products for FREE without software&echo ============================================================================&echo.&echo #Supported products:&echo - Microsoft Office Standard 2016&echo - Microsoft Office Professional Plus 2016&echo.&echo.&(if exist "%ProgramFiles%\Microsoft Office\Office16\ospp.vbs" cd /d "%ProgramFiles%\Microsoft Office\Office16")&(if exist "%ProgramFiles(x86)%\Microsoft Office\Office16\ospp.vbs" cd /d "%ProgramFiles(x86)%\Microsoft Office\Office16")&(for /f %%x in ('dir /b ..\root\Licenses16\proplusvl_kms*.xrm-ms') do cscript ospp.vbs /inslic:"..\root\Licenses16\%%x" >nul)&(for /f %%x in ('dir /b ..\root\Licenses16\proplusvl_mak*.xrm-ms') do cscript ospp.vbs /inslic:"..\root\Licenses16\%%x" >nul)&echo.&echo ============================================================================&ech
@swarupsro
swarupsro / MamunSir.c
Created February 21, 2019 05:23
#include <stdio.h>
void main()
{
float pamount, amount, pvat, vat, pait, ait;
printf("Enter the amount: ");
scanf("%f",&pamount);
printf("Percent of vat: ");
scanf("%f",&pvat);
@swarupsro
swarupsro / CVE-2019-1003000-Jenkins-RCE-POC.py
Created February 15, 2019 15:07 — forked from adamyordan/CVE-2019-1003000-Jenkins-RCE-POC.py
CVE-2019-1003000-Jenkins-RCE-POC
#!/usr/bin/python
# Author: Adam Jordan
# Date: 2019-02-15
# Repository: https://github.com/adamyordan/cve-2019-1003000-jenkins-rce-poc
# PoC for: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)
import argparse
import jenkins