Forwarded from 卩ro 爪Cracker
raptor_waf
Raptor is a Web application firewall made in C that uses DFA to block SQL injection, Cross-site scripting, and path traversal.
https://github.com/CoolerVoid/raptor_waf
Research:
http://funguscodes.blogspot.com.br/
Raptor is a Web application firewall made in C that uses DFA to block SQL injection, Cross-site scripting, and path traversal.
https://github.com/CoolerVoid/raptor_waf
Research:
http://funguscodes.blogspot.com.br/
👍2
Forwarded from 卩ro 爪Cracker
HopLa
All the power of PayloadsAllTheThings, without the overhead. This extension adds autocompletion support and useful payloads in #Burp Suite to make your intrusion easier.
Feel free to improve with your payloads ! ❤️
https://github.com/synacktiv/HopLa
All the power of PayloadsAllTheThings, without the overhead. This extension adds autocompletion support and useful payloads in #Burp Suite to make your intrusion easier.
Feel free to improve with your payloads ! ❤️
https://github.com/synacktiv/HopLa
👍2
Top 8 Github Repos to Learn Data Science and Python
1. All algorithms implemented in Python
By: The Algorithms
Stars ⭐️: 135K
Fork: 35.3K
Repo: https://github.com/TheAlgorithms/Python
2. DataScienceResources
By: jJonathan Bower
Stars ⭐️: 3K
Fork: 1.3K
Repo: https://github.com/jonathan-bower/DataScienceResources
3. Playground and Cheatsheet for Learning Python
By: Oleksii Trekhleb ( Also the Image)
Stars ⭐️: 12.5K
Fork: 2K
Repo: https://github.com/trekhleb/learn-python
4. Learn Python 3
By: Jerry Pussinen
Stars ⭐️: 4,8K
Fork: 1,4K
Repo: https://github.com/jerry-git/learn-python3
5. Awesome Data Science
By: Fatih Aktürk, Hüseyin Mert & Osman Ungur, Recep Erol.
Stars ⭐️: 18.4K
Fork: 5K
Repo: https://github.com/academic/awesome-datascience
6. data-scientist-roadmap
By: MrMimic
Stars ⭐️: 5K
Fork: 1.5K
Repo: https://github.com/MrMimic/data-scientist-roadmap
7. Data Science Best Resources
By: Tirthajyoti Sarkar
Stars ⭐️: 1.8K
Fork: 717
Repo: https://github.com/tirthajyoti/Data-science-best-resources/blob/master/README.md
8. Ds-cheatsheets
By: Favio André Vázquez
Stars ⭐️: 10.4K
Fork: 3.1K
Repo: https://github.com/FavioVazquez/ds-cheatsheets
1. All algorithms implemented in Python
By: The Algorithms
Stars ⭐️: 135K
Fork: 35.3K
Repo: https://github.com/TheAlgorithms/Python
2. DataScienceResources
By: jJonathan Bower
Stars ⭐️: 3K
Fork: 1.3K
Repo: https://github.com/jonathan-bower/DataScienceResources
3. Playground and Cheatsheet for Learning Python
By: Oleksii Trekhleb ( Also the Image)
Stars ⭐️: 12.5K
Fork: 2K
Repo: https://github.com/trekhleb/learn-python
4. Learn Python 3
By: Jerry Pussinen
Stars ⭐️: 4,8K
Fork: 1,4K
Repo: https://github.com/jerry-git/learn-python3
5. Awesome Data Science
By: Fatih Aktürk, Hüseyin Mert & Osman Ungur, Recep Erol.
Stars ⭐️: 18.4K
Fork: 5K
Repo: https://github.com/academic/awesome-datascience
6. data-scientist-roadmap
By: MrMimic
Stars ⭐️: 5K
Fork: 1.5K
Repo: https://github.com/MrMimic/data-scientist-roadmap
7. Data Science Best Resources
By: Tirthajyoti Sarkar
Stars ⭐️: 1.8K
Fork: 717
Repo: https://github.com/tirthajyoti/Data-science-best-resources/blob/master/README.md
8. Ds-cheatsheets
By: Favio André Vázquez
Stars ⭐️: 10.4K
Fork: 3.1K
Repo: https://github.com/FavioVazquez/ds-cheatsheets
GitHub
GitHub - TheAlgorithms/Python: All Algorithms implemented in Python
All Algorithms implemented in Python. Contribute to TheAlgorithms/Python development by creating an account on GitHub.
👍1
https://github.com/v4d1/Dome
Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.
Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.
Forwarded from 卩ro 爪Cracker
Forwarded from 卩ro 爪Cracker
#cheatsheet
Cheatsheet Resources
Command-Line-Cheatsheet - Interactive command-line cheatsheet tool.
Python-Cheatsheet - A comprehensive Python cheatsheet.
Kali-Linux-Cheetsheet - Kali Linux cheatsheet.
PayloadAllTheThings - Payloads and cheatsheet for PT.
Awesome-RedTeam-Cheatsheet - AD and pentesting cheatsheet
Reverse-Proxies-Cheatsheet - Reverse proxies cheatsheet.
Reverse Shell-Cheatsheet - Reverse shell cheatsheet
SQL-Injection-Cheatsheet - SQL Injection cheatsheet.
Cheatsheet Resources
Command-Line-Cheatsheet - Interactive command-line cheatsheet tool.
Python-Cheatsheet - A comprehensive Python cheatsheet.
Kali-Linux-Cheetsheet - Kali Linux cheatsheet.
PayloadAllTheThings - Payloads and cheatsheet for PT.
Awesome-RedTeam-Cheatsheet - AD and pentesting cheatsheet
Reverse-Proxies-Cheatsheet - Reverse proxies cheatsheet.
Reverse Shell-Cheatsheet - Reverse shell cheatsheet
SQL-Injection-Cheatsheet - SQL Injection cheatsheet.
GitHub
GitHub - denisidoro/navi: An interactive cheatsheet tool for the command-line
An interactive cheatsheet tool for the command-line - denisidoro/navi
❤1👍1
Forwarded from 卩ro 爪Cracker
Simulating attacks with Sysmon
Research:
https://rootdse.org/posts/understanding-sysmon-events/
Tool:
https://github.com/ScarredMonk/SysmonSimulator
#sysmon #simulator #blueteam #lab
Research:
https://rootdse.org/posts/understanding-sysmon-events/
Tool:
https://github.com/ScarredMonk/SysmonSimulator
#sysmon #simulator #blueteam #lab
Forwarded from 卩ro 爪Cracker
CVE-2022-23642
PoC for Sourcegraph Gitserver 3.37.0 RCE
Sourcegraph prior to 3.37.0 has a remote code execution vulnerability on its gitserver service. This is due to lack of restriction on git config execution thus "core.sshCommand" can be passed on the HTTP arguments which can contain arbitrary bash commands. Note that this is only possible if gitserver is exposed to the attacker.
https://github.com/Altelus1/CVE-2022-23642
Research:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23642
#exploit #cve
PoC for Sourcegraph Gitserver 3.37.0 RCE
Sourcegraph prior to 3.37.0 has a remote code execution vulnerability on its gitserver service. This is due to lack of restriction on git config execution thus "core.sshCommand" can be passed on the HTTP arguments which can contain arbitrary bash commands. Note that this is only possible if gitserver is exposed to the attacker.
https://github.com/Altelus1/CVE-2022-23642
Research:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23642
#exploit #cve
Forwarded from 卩ro 爪Cracker
COFFInjector
A Proof of Concept code - loading and injecting MSVC object file.
https://github.com/0xpat/COFFInjector
Research:
https://0xpat.github.io/Malware_development_part_8/
A Proof of Concept code - loading and injecting MSVC object file.
https://github.com/0xpat/COFFInjector
Research:
https://0xpat.github.io/Malware_development_part_8/
GitHub
GitHub - 0xpat/COFFInjector: PoC MSVC COFF Object file loader/injector.
PoC MSVC COFF Object file loader/injector. Contribute to 0xpat/COFFInjector development by creating an account on GitHub.
𝗪𝗵𝗮𝘁 𝗶𝘀 𝘁𝗵𝗲 𝗧𝗖𝗣/𝗜𝗣 𝗠𝗼𝗱𝗲𝗹?
Introduction to TCP/IP Model. 🧵👇🏻
It is a standardization model for computer networking. The OSI model, while widely referenced, is not used in practice. The TCP/IP model, on the other hand, is the real deal. Fortunately, it's not all that different.
https://twitter.com/xtremepentest/status/1535919885586513920?t=CYsB6fjYnnnxarfpZ3pEUw&s=19
Introduction to TCP/IP Model. 🧵👇🏻
It is a standardization model for computer networking. The OSI model, while widely referenced, is not used in practice. The TCP/IP model, on the other hand, is the real deal. Fortunately, it's not all that different.
https://twitter.com/xtremepentest/status/1535919885586513920?t=CYsB6fjYnnnxarfpZ3pEUw&s=19
Twitter
Traw
Introduction to TCP/IP Model. 🧵👇🏻
https://github.com/Screetsec/TheFatRat
Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…
Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…
🔥1
https://github.com/SecuProject/DLLHijackingScanner
This is a PoC for bypassing UAC using DLL hijacking and abusing the "Trusted Directories" verification.
This is a PoC for bypassing UAC using DLL hijacking and abusing the "Trusted Directories" verification.
These people are underestimating the Indian hackers, then show them some power. Their twitter handle: https://twitter.com/DragonForceIO
❤5👍2