royra

.log
0
1
1234
12345
123456
18Renmeng
2
ACrenshaw
AGorg

nullenc0de

#!/usr/bin/env python3

"""
Python script to enumerate valid Microsoft 365 domains, retrieve tenant name, and check for an MDI instance.
Based on: https://github.com/thalpius/Microsoft-Defender-for-Identity-Check-Instance.
Usage: ./check_mdi.py -d <domain>
"""

import argparse
import dns.resolver

coolaj86

Chat GPT "DAN" (and other "Jailbreaks")

• https://chat.openai.com/
• Is ChatGPT "DAN" Real? Gonna find out [Part 1]
  (https://www.youtube.com/watch?v=-q8woRG9FrI)
• Part 2: I thought ChatGPT DAN was a hoax, but...
  (https://www.youtube.com/watch?v=rHZRrDu3A2U&lc=UgxfrxX8aK7gnCzkend4AaABAg)

glen-testing

import requests
# From https://github.com/Ge0rg3/requests-ip-rotator
from requests_ip_rotator import ApiGateway
import time

"""
I got to 6th on the board as 'fiasco' with 4 blocks on 9/11/2022 of ipv4.games
You can do better. Adapt this to choose different regions and do 5-10k 
request runs per-api-gateway and you'll chew through whatever blocks 
AWS had api gateways in. They're supposedly free for the first 1million 

SwitHak

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

• If you want to add a link, comment or send it to me
• Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

• Royce Williams list sorted by vendors responses Royce List
• Very detailed list NCSC-NL
• The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List

nullenc0de

wget https://gist.githubusercontent.com/nullenc0de/bb16be959686295b3b1caff519cc3e05/raw/2016dc0e692821ec045edd5ae5c0aba5ec9ec3f1/api-linkfinder.yaml
echo https://stripe.com/docs/api | hakrawler -t 500 -d 10 |nuclei -t ./linkfinder.yaml -o api.txt
cat api.txt |grep url_params |cut -d ' ' -f 7 |tr , '\n' | tr ] '\n' | tr [ '\n' |tr -d '"' |tr -d "'" |sort -u > api_params.txt
cat api.txt |grep relative_links |cut -d ' ' -f 7 |tr , '\n' | tr ] '\n' | tr [ '\n' |tr -d '"' |tr -d "'" |sort -u > api_link_finder.txt

nullenc0de

id: api-linkfinder

info:
  name: API Recon
  author: nullenc0de
  severity: info
  tags: file

requests:
  - method: GET

herrcore

//
// +-------------------------------------------------------------------------+
// |      This file was generated by The Interactive Disassembler (IDA)      |
// |           Copyright (c) 2020 Hex-Rays, <[email protected]>           |
// |                      License info: 48-B331-7A44-33                      |
// |                       Sergei Frankoff, press copy                       |
// +-------------------------------------------------------------------------+
//
//

0xsha

# CVE-2020-10148  (local file disclosure PoC for SolarWinds Orion aka door to SuperNova ? )
# @0xSha 
# (C) 2020 0xSha.io 

# Advisory : https://www.solarwinds.com/securityadvisory
# Mitigation : https://downloads.solarwinds.com/solarwinds/Support/SupernovaMitigation.zip
# Details : https://kb.cert.org/vuls/id/843464

# C:\inetpub\SolarWinds\bin\OrionWeb.DLL
# According to SolarWinds.Orion.Web.HttpModules

mgeeky

#include <stdio.h>
#include <stdlib.h>
#define WIN32_LEAN_AND_MEAN
#include <windows.h>

int main(int argc, char **argv) {
    if (argc != 2) { 
        printf("Usage: ./shellcodeLoader <shellcode64>\n");
        return 1; 
    }