Cheatsheet for HackTheBox with common things to do while solving these CTF challenges.
Because a smart man once said:
Never google twice.
Ko-kn3t
/ root_bypass.js
Created
April 27, 2024 18:30
— forked from pich4ya/root_bypass.js
Bypass Android Root Detection / Bypass RootBeer - August 2019
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // $ frida -l antiroot.js -U -f com.example.app --no-pause | |
| // CHANGELOG by Pichaya Morimoto ([email protected]): | |
| // - I added extra whitelisted items to deal with the latest versions | |
| // of RootBeer/Cordova iRoot as of August 6, 2019 | |
| // - The original one just fucked up (kill itself) if Magisk is installed lol | |
| // Credit & Originally written by: https://codeshare.frida.re/@dzonerzy/fridantiroot/ | |
| // If this isn't working in the future, check console logs, rootbeer src, or libtool-checker.so | |
| Java.perform(function() { | |
| var RootPackages = ["com.noshufou.android.su", "com.noshufou.android.su.elite", "eu.chainfire.supersu", |
Ko-kn3t
/ PowerView-3.0-tricks.ps1
Created
September 4, 2021 23:42
— forked from HarmJ0y/PowerView-3.0-tricks.ps1
PowerView-3.0 tips and tricks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/ | |
| # tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c | |
| # the most up-to-date version of PowerView will always be in the dev branch of PowerSploit: | |
| # https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1 | |
| # New function naming schema: | |
| # Verbs: | |
| # Get : retrieve full raw data sets | |
| # Find : ‘find’ specific data entries in a data set |
Ko-kn3t
/ htb.md
Created
April 20, 2020 10:54
— forked from AvasDream/htb.md
Cheatsheet for HackTheBox
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| GDB commands by function - simple guide | |
| --------------------------------------- | |
| More important commands have a (*) by them. | |
| Startup | |
| % gdb -help print startup help, show switches | |
| *% gdb object normal debug | |
| *% gdb object core core debug (must specify core file) | |
| %% gdb object pid attach to running process | |
| % gdb use file command to load object |
Ko-kn3t
/ kerberos_attacks_cheatsheet.md
Created
January 23, 2020 03:41
— forked from TarlogicSecurity/kerberos_attacks_cheatsheet.md
A cheatsheet with commands that can be used to perform kerberos attacks
With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module: