D3Ext D3Ext

@drego85
drego85 / upload_wpa-sec.py
Last active April 14, 2025 11:41
Script for automatic upload of handshakes to Distributed WPA PSK auditor (wpa-sec.stanev.org)
#!/usr/bin/env python3
#
# Script for automatic upload of handshakes captured
# by Pwnagotchi, Flipper Zero or Marauder to
# Distributed WPA PSK auditor (wpa-sec.stanev.org).
#
# The script is progressive, not sending to WPA Sec
# handshakes already analysed.
#
# The script also saves the detected WPA keys locally.
@D3Ext
D3Ext / arch_installation.md
Last active February 9, 2025 08:24
Arch Linux Installation + Customization

Introduction

This guide helps with installing Arch Linux on VMware.

This is based on the official Arch Linux installation guide, my own experience and some videos I found on YouTube.

Installation

First of all, change the keyboard layout to the desired language with loadkeys, in my case to Spanish.

@D3Ext
D3Ext / debruijn.go
Created January 5, 2023 12:32
Golang implementation of the De Bruijn algorithm
package main

import (
	"fmt"
	"os"
	"strings"
	"bytes"
	"strconv"
	"flag"
)
@D3Ext
D3Ext / amsi-bypass.md
Last active April 11, 2025 19:30
All methods to bypass AMSI (2022)

AMSI Bypass

To test any of these techniques, type "Invoke-Mimikatz" into your PowerShell terminal. Even if you haven't imported Mimikatz, AMSI will flag it as malicious. If AMSI is off or you have avoided it, PowerShell will only say that "it's not recognized as the name of a cmdlet", which tells you that AMSI has been bypassed.

Some methods may be detected by the AV, but most of them work without problems.

Powershell downgrade

The first and worst way to bypass AMSI is downgrading PowerShell to version 2.0.

@D3Ext
D3Ext / deauth-detector.py
Created September 12, 2022 21:18
A simple deauth packets detector in python
#!/usr/bin/env python3
from scapy.all import *

def PacketHandler(pkt):
    if pkt.haslayer(Dot11) and pkt.type == 0 and pkt.subtype == 0xC:
        print("Deauth packet sniffed: %s" % (pkt.summary()))

sniff(iface="wlan0mon", prn = PacketHandler)
@byt3bl33d3r
byt3bl33d3r / encrypt_decrypt.nim
Last active March 23, 2025 23:16
Nim AES256 Encryption/Decryption
#[
Author: Marcello Salvati, Twitter: @byt3bl33d3r
License: BSD 3-Clause
AES256-CTR Encryption/Decryption
]#
import nimcrypto
import nimcrypto/sysrand
@FatRodzianko
FatRodzianko / my-am-bypass.ps1
Last active February 7, 2025 22:31
Small modification to RastaMouse's AmsiScanBuffer bypass to use bytes. Uses different opcode bytes
$Win32 = @"
using System;
using System.Runtime.InteropServices;
public class Win32 {
[DllImport("kernel32")]
public static extern IntPtr GetProcAddress(IntPtr hModule, string procName);
[DllImport("kernel32")]
.php
.html
.txt
.htm
.aspx
.asp
.js
.css
.pgsql.txt
.mysql.txt
@TarlogicSecurity
TarlogicSecurity / kerberos_attacks_cheatsheet.md
Created May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

@PSJoshi
PSJoshi / rbash-escape.md
Last active February 9, 2025 01:59
Escape from rbash to bash shell

Change rbash to bash

psj@ubuntu:~$ ssh psj@server_name -t "bash --noprofile"

List available commands:

$ compgen -c 

Essentially you need to do the following: