Tested on Windows 10 x64, Anniversary Update
17.09.2017
-
Set up an OpenVPN connection following this guide
-
Generate a TA key and place it in the same folder as the other certificates/keys:
/unack/ un4ckn0wl3z
🌴
ViRb3
/ OpenVPN Internet Proxy Windows.md
Last active
April 3, 2025 18:11
Create an OpenVPN Windows server that proxies internet traffic
ernsheong
/ ropc_kong.md
Last active
August 25, 2021 07:37
Implementing OAuth2 Resource Owner Password Credentials Grant with Kong
The documentation is okay, but it has some holes, and I had to read it many many times and play with the API myself to "get it" in terms of implementation. So here is a guide that I hope will help someone along the way.
DISCLAIMER: This is by no means the canonical or the most secure way to do this. Below are my findings upon my reading of the docs and the spec. But I might be wrong, very wrong.
This gist is meant to complement the documentation in https://getkong.org/plugins/oauth2-authentication/.
The Resource Owner Password Credentials Grant makes sense if we want to authenticate users who are using our trusted 1st party applications of our own service. (However, you might not want to trust your JavaScript SPA with your refresh token, and maybe you need to store that refresh token in the server on behalf of the SPA if you are paranoid about security. Disclaimer: I am not a security expert)
crittermike
/ wget.sh
Last active
June 9, 2025 16:19
Download an entire website with wget, along with assets.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # One liner | |
| wget --recursive --page-requisites --adjust-extension --span-hosts --convert-links --restrict-file-names=windows --domains yoursite.com --no-parent yoursite.com | |
| # Explained | |
| wget \ | |
| --recursive \ # Download the whole site. | |
| --page-requisites \ # Get all assets/elements (CSS/JS/images). | |
| --adjust-extension \ # Save files with .html on the end. | |
| --span-hosts \ # Include necessary assets from offsite as well. | |
| --convert-links \ # Update links to still work in the static version. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const http = require('http'); | |
| const server = http.createServer(); | |
| server.on('request', (request, response) => { | |
| let body = []; | |
| request.on('data', (chunk) => { | |
| body.push(chunk); | |
| }).on('end', () => { | |
| body = Buffer.concat(body).toString(); |
worawit
/ eternalblue8_exploit.py
Last active
March 16, 2024 18:38
Eternalblue exploit for Windows 8/2012
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # This file has no update anymore. Please see https://github.com/worawit/MS17-010 | |
| from impacket import smb, ntlm | |
| from struct import pack | |
| import sys | |
| import socket | |
| ''' | |
| EternalBlue exploit for Windows 8 and 2012 by sleepya | |
| The exploit might FAIL and CRASH a target system (depended on what is overwritten) |
worawit
/ eternalblue7_exploit.py
Last active
July 29, 2025 08:45
Eternalblue exploit for Windows 7/2008
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # This file has no update anymore. Please see https://github.com/worawit/MS17-010 | |
| from impacket import smb | |
| from struct import pack | |
| import sys | |
| import socket | |
| ''' | |
| EternalBlue exploit for Windows 7/2008 by sleepya | |
| The exploit might FAIL and CRASH a target system (depended on what is overwritten) |
jaredcatkinson
/ Get-InjectedThread.ps1
Last active
June 8, 2025 15:56
Code from "Taking Hunting to the Next Level: Hunting in Memory" presentation at SANS Threat Hunting Summit 2017 by Jared Atkinson and Joe Desimone
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Get-InjectedThread | |
| { | |
| <# | |
| .SYNOPSIS | |
| Looks for threads that were created as a result of code injection. | |
| .DESCRIPTION | |
ipedrazas
/ gist:95391ffd88190bea94ca188d3d2c1cbe
Created
January 28, 2017 10:45
kubernetes cheatsheet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Useful Commands | |
| Get kubectl version | |
| kubectl version | |
| Get cluster info: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @echo off | |
| setlocal | |
| call :setESC | |
| cls | |
| echo %ESC%[101;93m STYLES %ESC%[0m | |
| echo ^<ESC^>[0m %ESC%[0mReset%ESC%[0m | |
| echo ^<ESC^>[1m %ESC%[1mBold%ESC%[0m | |
| echo ^<ESC^>[4m %ESC%[4mUnderline%ESC%[0m |