From 928a6607167209f94d58a3da314c19b370f15275 Mon Sep 17 00:00:00 2001 From: alexrf45 Date: Wed, 29 Nov 2023 18:53:32 -0500 Subject: [PATCH] testing for new release --- resources/ctf.yaml | 29 ----------------------------- resources/zsh/history | 13 ++++++++++--- resources/zsh/zshrc | 6 ++---- sources/3-wordlists.sh | 3 +++ 4 files changed, 15 insertions(+), 36 deletions(-) delete mode 100644 resources/ctf.yaml diff --git a/resources/ctf.yaml b/resources/ctf.yaml deleted file mode 100644 index bebb82d..0000000 --- a/resources/ctf.yaml +++ /dev/null @@ -1,29 +0,0 @@ -session_name: kali -windows: -- window_name: recon - layout: tiled - panes: - - - - - -- window_name: enum - layout: tiled - panes: - - - - - -- window_name: foothold_pivot - layout: tiled - panes: - - ssh-keygen -t ed25519 -C "htb" -N '' -f ctf - - - - - - - -- window_name: privesc - layout: tiled - panes: - - - - - - - - diff --git a/resources/zsh/history b/resources/zsh/history index d0eb859..f16148f 100644 --- a/resources/zsh/history +++ b/resources/zsh/history 
@@ -88,9 +88,16 @@ export NAME=
 export TARGET=
 export USER=
 fcrackzip -u -v -D -p /usr/share/wordlists/rockyou.txt file.zip
-ffuf -c -t 5 -rate 20 -p 0.2 -H "User-Agent: $AGENT" -ac -o $NAME.json -of json -mc 200,302,422,403 -w /u$HOME/.wordlists/common.txt -u http://$DOMAIN/FUZZ
-ffuf -c -t 5 -rate 30 -p 0.2 -H "User-Agent: $AGENT" -r -ac -o $NAME.json -of json -mc 200,302,403 -w /usr/share/seclists/Discovery/Web-Content/raft-small-words.txt -u http://$DOMAIN/FUZZ
-ffuf -c -t 5 -rate 30 -p 0.2 -H "User-Agent: $AGENT" -o $NAME_domains.json -of json -H "Host:FUZZ.$DOMAIN" -mc 200,403 -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt -u http://$DOMAIN/
+ffuf -c -t 5 -rate 20 -p 0.2 -H "User-Agent: $AGENT" -ac -o $NAME.json -of json -mc 200,302,422,403 -w $HOME/.wordlists/common.txt -u http://$DOMAIN/FUZZ
+ffuf -c -t 5 -rate 20 -p 0.2 -H "User-Agent: $AGENT" -ac -o $NAME.json -of json -mc 200,302,422,403,401 -w $HOME/.wordlists/api.txt -u http://$DOMAIN/FUZZ
+ffuf -c -t 5 -rate 20 -p 0.2 -H "User-Agent: $AGENT" -ac -o $NAME.json -of json -mc 200,302,422,403,401 -w $HOME/.wordlists/dir-list.txt -u http://$DOMAIN/FUZZ
+ffuf -c -t 5 -rate 20 -p 0.2 -H "User-Agent: $AGENT" -ac -o $NAME.json -of json -mc 200,302,422,403,401 -w $HOME/.wordlists/raft-small.txt -u http://$DOMAIN/FUZZ
+ffuf -c -t 5 -rate 20 -p 0.2 -H "User-Agent: $AGENT" -ac -o $NAME.json -of json -mc 200,302,422,403,401 -w $HOME/.wordlists/api-wild.txt -u http://$DOMAIN/FUZZ
+ffuf -c -t 5 -rate 20 -p 0.2 -H "User-Agent: $AGENT" -ac -o $NAME.json -of json -mc 200,302,422,403,401 -w $HOME/.wordlists/fuzz-1.txt -u http://$DOMAIN/FUZZ
+ffuf -c -t 5 -rate 20 -p 0.2 -H "User-Agent: $AGENT" -ac -o $NAME.json -of json -mc 200,302,422,403,401 -w $HOME/.wordlists/LFI.txt -u http://$DOMAIN/FUZZ
+ffuf -c -t 5 -rate 20 -p 0.2 -H "User-Agent: $AGENT" -ac -o $NAME.json -of json -mc 200,503,500,400 -w $HOME/.wordlists/SQL.txt -u http://$DOMAIN/FUZZ
+ffuf -c -t 5 -rate 30 -p 0.2 -H "User-Agent: $AGENT" -o 
$NAME_domains.json -of json -H "Host:FUZZ.$DOMAIN" -mc 200,403 -w $HOME/.wordlists/dns.txt -u http://$DOMAIN/ +ffuf -c -t 5 -rate 30 -p 0.2 -H "User-Agent: $AGENT" -o $NAME_domains.json -of json -H "Host:FUZZ.$DOMAIN" -mc 200,403 -w $HOME/.wordlists/dns-1.txt -u http://$DOMAIN/ ffuf -request REQUESTFILE -request-proto http -w PATH/TO/WORDLIST -fs 0 -c find DIR -type f -newermt YYYY-MM-DD ! -newermt YYYY-MM-DD > /dev/null gMSADumper.py -d "$DOMAIN" -l "$DC_HOST" -u "$USER" -p "$PASSWORD" diff --git a/resources/zsh/zshrc b/resources/zsh/zshrc index 06b0855..9ec4950 100644 --- a/resources/zsh/zshrc +++ b/resources/zsh/zshrc @@ -64,7 +64,6 @@ alias http='python3 -m http.server 80' alias reload='. ~/.zshrc' alias update='sudo apt-get update -y' alias t='tmux -f ~/.tmux.conf' -alias ctf='tmuxp load ~/.config/tmuxp/ctf.yaml' alias bounty='tmuxp load ~/.config/tmuxp/bounty.yaml' alias i='sudo apt-get install -y' alias public='curl wtfismyip.com/text' @@ -73,7 +72,6 @@ alias commands='history | cut -c 6-' alias proxy='proxychains' #basic shortcuts with a windows target flavor -alias secretsdump='impacket-secretsdump' alias ps-shell='cp ~/nishang/Shells/Invoke-PowerShellTcpOneLine.ps1 .' alias portscan='cp ~/nishang/Scan/Invoke-PortScan.ps1 .' alias cme='netexec' @@ -83,8 +81,8 @@ ffuf_subdomain () { ffuf -c -t 5 -rate 20 -p 0.2 \ -H "User-Agent: $AGENT" -o $NAME_domains.json -of json \ - -H "Host:FUZZ.$DOMAIN" \ - -mc 200,403 -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt -u http://$DOMAIN/ + -H "Host: FUZZ.$DOMAIN" \ + -mc 200,403,401,503,500,302 -w $HOME/.wordlists/dns.txt -u http://$DOMAIN/ } ffuf_directory () { diff --git a/sources/3-wordlists.sh b/sources/3-wordlists.sh index fba704a..5b26a2b 100644 --- a/sources/3-wordlists.sh +++ b/sources/3-wordlists.sh 
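Review bot: The two new vhost lines at the end of the history hunk write to `-o $NAME_domains.json`, which the shell parses as an expansion of a single variable named `NAME_domains`, not `$NAME` followed by `_domains`; with only `NAME` exported (as the context lines above show), `NAME_domains` is unset and the results land in a file literally called `.json`. Use `-o "${NAME}_domains.json"` so the intended prefix is applied. The eight directory/file lines above all write `-o $NAME.json`, so each wordlist run overwrites the previous one's results; a per-list suffix such as `-o "$NAME-api.json"` would keep them. The history copy also still sends `-H "Host:FUZZ.$DOMAIN"` without the space that this same commit adds in zshrc, so the two copies of the command are drifting apart.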
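Review bot: `ffuf_subdomain` still writes its results to `-o $NAME_domains.json` on the unchanged line directly above the new `-H "Host: FUZZ.$DOMAIN"`; the shell expands `$NAME_domains` as one variable name, so the output file becomes `.json` rather than `<NAME>_domains.json`, and `-o "${NAME}_domains.json"` is the fix. The widened `-mc 200,403,401,503,500,302` is paired with no `-ac` or `-fs` baseline filter; in a Host-header fuzz the default virtual host typically answers every candidate with the same status and body size, so this will probably match the entire dns.txt list and bury real hits, whereas adding `-ac` (as the directory ffuf lines in the history file already do) or `-fs <baseline-size>` is what makes the status list useful. The function's opening line `ffuf_subdomain () {` is outside the hunk.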
@@ -22,3 +22,6 @@ wget "https://raw.githubusercontent.com/danielmiessler/SecLists/master/Fuzzing/L wget "https://raw.githubusercontent.com/danielmiessler/SecLists/master/Fuzzing/SQLi/Generic-BlindSQLi.fuzzdb.txt" -q -O $HOME/.wordlists/SQL.txt +wget "https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/DNS/subdomains-top1million-20000.txt" -q -O $HOME/.wordlists/dns.txt + +wget "https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/DNS/bitquark-subdomains-top100000.txt" -q -O $HOME/.wordlists/dns-1.txt
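Review bot: Both new `wget` lines run with `-q` and no status check, so a failed or partial download (network error, GitHub rate limiting, a renamed path on `master`) can leave an empty or truncated `dns.txt`/`dns-1.txt` silently, and the `ffuf` invocations that point at `$HOME/.wordlists/dns.txt` will then fail or fuzz with a short list; unless the script sets `-e` earlier (not visible in the hunk), append a check such as `wget -q "<url>" -O "$HOME/.wordlists/dns.txt" || echo "wordlist download failed: dns.txt" >&2`. `$HOME/.wordlists/dns.txt` should also be double-quoted, matching the rest of the file's `-O` arguments being paths under `$HOME`. Fetching from the `master` branch means the list contents change between installs; pinning the URL to a commit SHA would make the toolbox reproducible, though for a wordlist this is a reproducibility rather than a safety concern.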