With kerbrute.py:
python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>With Rubeus version with brute module:
TarlogicSecurity
/ kerberos_attacks_cheatsheet.md
Created
May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks
nullenc0de
/ content_discovery_nullenc0de.txt
Last active
February 10, 2026 17:20
content_discovery_nullenc0de.txt
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| / | |
| $$$lang-translate.service.js.aspx | |
| $367-Million-Merger-Blocked.html | |
| $defaultnav | |
| ${idfwbonavigation}.xml | |
| $_news.php | |
| $search2 | |
| £º | |
| .0 | |
| /0 |
jgamblin
/ nmapburp.sh
Created
September 6, 2018 19:49
NMap a network and send all open web servers to Burp.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #Script to Scan All Sites Found With A Simple NMAP Scan With Burp. | |
| sites=$(nmap "$1" --open 443 --resolve-all --open -oG - | awk 'NR!=1 && /open/{print $2}') | |
| for site in $sites | |
| do | |
| curl -vgw "\\n" 'http://127.0.0.1:1337/v0.1/scan' -d '{"urls":["'"$site"'"]}' > /dev/null 2>&1 | |
| printf "Scanning %s with burp.\\n" "$site" | |
| done |
jhaddix
/ content_discovery_all.txt
Created
May 26, 2018 11:51
a masterlist of content discovery URLs and files (used most commonly with gobuster)
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ` | |
| ~/ | |
| ~ | |
| ×™× | |
| ___ | |
| __ | |
| _ |
ahmadhasankhan
/ MySql-5.5-installation guide.md
Last active
November 9, 2024 20:53
Install MySQL 5.5.xx on Ubuntu
Please visit https://asistencia.in/blogs/1-mysql-5-5-installation-guide
Thank you
nstarke
/ nodejs-security-vulnerability-grep.sh
Last active
April 10, 2025 00:59
Node.js Security Vulnerability Grep
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # this command will return instances where the child_process module is loaded. | |
| # that module is generally a good signal that the application is shelling out | |
| egrep -r --exclude-dir "node_modules" --include "*.js" --exclude "*.min.*" -e "require(\s*)\((\s*)'child_process'(\s*))" . | |
| # this command will return instances where code is dynamically executed. | |
| egrep -r --exclude-dir "node_modules" --include "*.js" --exclude "*.min.*" -e "eval(\s*)\(" . | |
| # this command will check common dangerous functions and report when strings are arguments | |
| egrep -r --exclude-dir "node_modules" --include "*.js" --exclude "*.min.*" -e "(setInterval|setTimeout|new(\s*)Function)(\s*)\((\s*)\".*\"" . |