scrapped from @x0rz,@etlow,@Dinosn,@hackerfantastic,@highmeh,@cyb3rops and others
- A quick analysis of the latest Shadow Brokers dump https://labs.nettitude.com/blog/a-quick-analysis-of-the-latest-shadow-brokers-dump/
- Timestamps
B0unya
B0unya
/ resources.md
Created
February 23, 2025 01:19
— forked from iam1980/resources.md
Shadow Brokers EQGRP Lost in Translation resources
B0unya
/ gist:7030103bbfc2eb746f7c7ece01733b90
Created
September 28, 2024 23:12
— forked from yehgdotnet/gist:ec6ae948a6735d66f6eaff2ef60649a3
Bypass IP-based restriction through spoofed localhost header
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| X-Azure-ClientIP: 127.0.0.1 | |
| X-Azure-SocketIP: 127.0.0.1 | |
| X-Originating-IP: 127.0.0.1 | |
| X-Forwarded-For: 127.0.0.1 | |
| X-Remote-IP: 127.0.0.1 | |
| X-Remote-Addr: 127.0.0.1 | |
| X-Real-Ip: 127.0.0.1 | |
| X-Target-IP: 127.0.0.1 | |
| X-Forwarded-Host: localhost | |
| True-Client-IP: 127.0.0.1 |
B0unya
/ get-shodan-favicon-hash.py
Created
September 28, 2024 23:05
— forked from yehgdotnet/get-shodan-favicon-hash.py
Get Shodan FAVICON Hash
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://twitter.com/brsn76945860/status/1171233054951501824 | |
| pip install mmh3 | |
| ----------------------------- | |
| # python 2 | |
| import mmh3 | |
| import requests | |
| response = requests.get('https://cybersecurity.wtf/favicon.ico') | |
| favicon = response.content.encode('base64') |
B0unya
/ writeup.md
Last active
June 27, 2024 03:46
— forked from loknop/writeup.md
Solving "includer's revenge" from hxp ctf 2021 without controlling any files
The challenge was to achieve RCE with this file:
<?php ($_GET['action'] ?? 'read' ) === 'read' ? readfile($_GET['file'] ?? 'index.php') : include_once($_GET['file'] ?? 'index.php');Some additional hardening was applied to the php installation to make sure that previously known solutions wouldn't work (for further information read this writeup from the challenge author).
I didn't solve the challenge during the competition - here is a writeup from someone who did - but since the idea I had differed from the techniques used in the published writeups I read (and I thought it was cool :D), here is my approach.
B0unya
/ مواقع_هكر.txt
Created
June 13, 2024 01:35
— forked from trietptm/مواقع_هكر.txt
http://pastebin.com/f1UqPY30
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http://forum.ayyildiz.org/forum.php AYYILDIZ TİM - Psikolojik Savaş Ve Stratejik Araştırmalar Merkezi | |
| http://comradex.co/ Comradex | Advanced Programming - Penetration Testing - Vulnerabilities and Defence - Undetection | |
| http://cryptosuite.org/forum/ CryptoSuite.ORG || The Best Encryption Platform Of The World | |
| http://cyber-warrior.org/Forum/Login_User.Asp Cyber-Warrior.Org | |
| http://hidden-sabotage.com/ Hidden-Sabotage.Com - Crypter, Keylogger, Stealer, Trojen, Fud, Güvenlik - Eğitim Sitesi | Private Undetecter Team | - vBulletin | |
| http://imhatimi.org/forums.php iMHATiMi.ORG Hack sitesi | Hack Programları | Skype Hack | Türk Hack | Exploits | Trojan | Keylogger | FUD Keylogger | FUD exe | Botnet exe - Forumlar Warez & hack ve hacker Kolezyumu | |
| http://mavi1.org/forum/ mavi1.org - O Bir Dünya Markası | |
| http://millikuvvetler.net/Forum.php Hack | MilliKuvvetler TIM | Vatanın Sanal Koruyucuları | Alayına İsyan Ölümüne Vatan | GÜCÜ HİSSET - vBulletin | |
| http://redhatz.org/ RedHatz |