Skip to content

Instantly share code, notes, and snippets.

View nullenc0de's full-sized avatar

nullenc0de

189 followers · 0 following
View GitHub Profile
@nullenc0de
nullenc0de / CVE-2024-38063.py
Created August 16, 2024 14:02
class IPv6Packet:
def __init__(self, main_header_length, extension_headers):
self.main_header_length = main_header_length
self.extension_headers = extension_headers
def process_packet(packet):
total_length = packet.main_header_length
# Vulnerable loop: doesn't check for integer underflow
for header_length in packet.extension_headers:
@nullenc0de
nullenc0de / suspicious-extensions-rce.yaml
Created August 16, 2024 13:21
id: suspicious-extensions-rce
info:
name: Suspicious File Extensions - Potential RCE
author: Nullenc0de
severity: medium
description: Detects files with potentially suspicious extensions that could be used for Remote Code Execution (RCE). Scan your AppData folder.
file:
- extensions:
@nullenc0de
nullenc0de / jumpproxy.sh
Created August 15, 2024 18:52
need access to an internal host for nessus.
#!/bin/bash
# Configuration
LOCAL_PORT=8834
JUMP_SERVER="ubuntu@blah.compute-1.amazonaws.com"
JUMP_KEY="./ssh.pem"
NESSUS_SERVER="kali@x.x.x.x"
NESSUS_KEY="./ssh.pem"
NESSUS_PORT=8834
@nullenc0de
nullenc0de / aws-cognito-misconfiguration-markers.yaml
Created July 26, 2024 20:45
id: aws-cognito-misconfiguration-markers
info:
name: AWS Cognito Misconfiguration Markers
author: nullenc0de
severity: high
description: Detects potential AWS Cognito misconfigurations by searching for sensitive markers in JavaScript files.
reference: https://www.yassineaboukir.com/talks/NahamConEU2022.pdf
tags: aws,cognito,misconfiguration,javascript
@nullenc0de
nullenc0de / cloudflare
Created July 24, 2024 18:15
Cloudflare rules
(ip.src in {
4.0.0.0/8
9.0.0.0/8
13.0.0.0/8
20.0.0.0/8
23.96.0.0/13
40.0.0.0/8
51.0.0.0/8
52.0.0.0/8
57.0.0.0/8
@nullenc0de
nullenc0de / fix_crowdstrike.bat
Created July 19, 2024 13:08
https://x.com/brody_n77/status/1814185935476863321
@echo off
setlocal enabledelayedexpansion
REM Check if BitLocker is enabled on drive C:
manage-bde -status C: | findstr /i "Conversion Status:\s*Fully Encrypted"
if %errorlevel% neq 0 (
echo BitLocker is not enabled on drive C:.
goto continue
) else (
echo BitLocker is enabled on drive C:.
@nullenc0de
nullenc0de / auto.sh
Last active June 16, 2024 02:51
bash -c "$(curl -fsSL https://gist.githubusercontent.com/nullenc0de/a14866ef55454abc6138d1d8afb08866/raw/ee5a5ef90440be0c7c0234199eabc51f16ebffc3/auto.sh)"
#!/bin/bash
# Function to add items to the todo list
add_to_todo() {
local item="$1"
echo "$item" >> "${folder_name}/todo.txt"
}
# Function to send alerts via webhook
send_alert() {
@nullenc0de
nullenc0de / proxy.sh
Created March 21, 2024 20:20
Proxy Binary to Burp
#!/bin/bash
# Set the proxy server and port
PROXY_SERVER="127.0.0.1"
PROXY_PORT="8080"
# Install Proxychains4
echo "Installing Proxychains4..."
sudo apt-get update
sudo apt-get install -y proxychains4
@nullenc0de
nullenc0de / block_sec.sh
Created February 16, 2024 16:49
Looks up IP addresses to companies and blocks them via IP tables.
#!/bin/bash
apt install golang -y
GOROOT="/usr/local/go"
PATH="${PATH}:${GOROOT}/bin"
GOPATH=$HOME/go
PATH="${PATH}:${GOROOT}/bin:${GOPATH}/bin"
go install github.com/projectdiscovery/asnmap/cmd/asnmap@latest
@nullenc0de
nullenc0de / sort.sh
Created November 26, 2023 14:28
Sort the tlsx output
#!/bin/bash
declare -A companies
while read -r line; do
domain=$(echo "$line" | awk -F'[:[]' '{print $1}' | tr -d ' ')
company=$(echo "$line" | awk -F'[][]' '{print $2}' | tr -d ' ')
if [ -n "$domain" ] && [ -n "$company" ]; then
if [ -z "${companies[$company]}" ]; then