Getting started:
Related tutorials:
sneakymonk3y
/ gist:8cec5bb557304f15ee83fb6ae1b2ca1b
Created
December 30, 2022 22:21
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl "http://tdir-webappalb-eza1ljisfr1s-421257952.us-east-1.elb.amazonaws.com/demo.php?site=http://169.254.169.254/latest/meta-data/" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| SELECT job.job_id as [JOB_ID], | |
| job.name as [JOB_NAME], | |
| job.description as [JOB_DESCRIPTION], | |
| steps.step_name, | |
| steps.subsystem, | |
| steps.command, | |
| SUSER_SNAME(job.owner_sid) as [JOB_OWNER], | |
| steps.proxy_id, | |
| proxies.name as [proxy_account], | |
| job.enabled, |
sneakymonk3y
/ excel_xlm.yar
Created
June 22, 2020 16:06
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| rule Excel_Hidden_Macro_Sheet | |
| { | |
| meta: | |
| Author = "InQuest Labs" | |
| URL = "https://github.com/InQuest/yara-rules" | |
| Description = "http://blog.inquest.net/blog/2019/01/29/Carving-Sneaky-XLM-Files/" | |
| strings: | |
| $ole_marker = {D0 CF 11 E0 A1 B1 1A E1} | |
| $macro_sheet_h1 = {85 00 ?? ?? ?? ?? ?? ?? 01 01} | |
| $macro_sheet_h2 = {85 00 ?? ?? ?? ?? ?? ?? 02 01} |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <script type="text/javascript"> | |
| function ahead() | |
| { | |
| objs = new Array([navigator, "navigator"], [screen, "screen"]); | |
| str = new String(""); | |
| for(i = 0; i<objs.length; i++) { | |
| for(var prop in objs[i][0]) { |
sneakymonk3y
/ tweetgrab.py
Created
March 18, 2019 19:02
HTB CTF - grab tweets based on Twitter handle specified and dump to .csv
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # encoding: utf-8 | |
| import tweepy #https://github.com/tweepy/tweepy | |
| import csv | |
| #Twitter API credentials | |
| consumer_key = "" | |
| consumer_secret = "" | |
| access_key = "" |
sneakymonk3y
/ iplookup.sh
Last active
November 13, 2023 12:23
IP lookup / greynoise.io / ipinfo.io / shodan.io / otx.alienvault.com
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| args=("$@") | |
| check_greynoise() | |
| { | |
| echo "GREYNOISE" | |
| curl -s -XPOST -d 'ip='${args[0]} 'http://api.greynoise.io:8888/v1/query/ip' | jq '.' | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| BinText / strings / strings2 / bstrings | |
| Process Monitor | |
| Process Hacker | |
| Autoruns | |
| PEiD | |
| Regshot | |
| LordPE | |
| Ollydbg | |
| IDA Pro/FREE | |
| WireShark |
sneakymonk3y
/ README.md
Created
August 20, 2017 16:20
— forked from hofmannsven/README.md
My simply MySQL Command Line Cheatsheet
sneakymonk3y
/ keybase.md
Created
November 5, 2015 08:13
I hereby claim:
- I am sneakymonk3y on github.
- I am markrobinsonuk (https://keybase.io/markrobinsonuk) on keybase.
- I have a public key whose fingerprint is ECA3 444F 6B24 2086 DF9B 3031 2599 7F90 2D61 F421
To claim this, I am signing this object: