Skip to main content


Public IP​


Default password​

BugMeNot - Share logins​

Search Sploits​

searchsploit <key word>


tmux new -s <name>
tmux a -t <name>
C-b ]
C-b z
C-b $

2 Interfaces - 2 Gateways​

route add -net <> gw <gw_ip>
route add default gw <default_gw_ip>

Strings (n characters)​

strings -n <minimal length> <file>

Hex stuff​

xxd -p binary.bin > dump.hex
xxd -p -r dump.hex > dumpfile.bin && chmod +x dumpfile.bin

Browser fingerprint​

Create a macOS app​

The name of the bash script must be the same as the folder without .app.s

cd /Applications
mkdir <>
cd <>
touch MyApp


GPP decrypt'A-Za-z0-9%2B/%3D',true)AES_Decrypt(%7B'option':'Hex','string':'4e9906e8fcb66cc9faf49310620ffee8f496e806cc057990209b09a433b66c1b'%7D,%7B'option':'Hex','string':''%7D,'CBC','Raw','Raw',%7B'option':'Hex','string':''%7D)Decode_text('UTF16LE%20(1200)')

PowerShell encode / decode'UTF16LE%20(1200)')To_Base64('A-Za-z0-9%2B/%3D')'A-Za-z0-9%2B/%3D',true)Decode_text('UTF16LE%20(1200)')

Password to NTLM hash'UTF16LE%20(1200)')MD4()

Password to NTLM​

python -c 'import hashlib,binascii; print binascii.hexlify("md4", "<password>".encode("utf-16le")).digest())'


apt-get install mingw-w64
i686-w64-mingw32-gcc -lws2_32 -o <binary file> <C file>

Service status​

Notify when service is dead

while `nc -z -w3 <ip> <port> > /dev/null`; do sleep 1; done; echo "[-] Service is dead"; echo -e "\x07"

Notify when service is up

while (true); do nc -z -w3 <ip> <port> > /dev/null && echo "[+] Service is alive" && echo -e "\x07" && break; sleep 1; done

Redirect raw TCP to SSL/TLS​

socat TCP-LISTEN:<local_port>,fork,reuseaddr OPENSSL:<remote_host>:<remote_port>[,verify=0]

Git pull all subdirectories in /opt​


Build presentation from markdown​

Use remark.js minimal template:

<!DOCTYPE html>
<meta charset="utf-8">
@import url(;
@import url(,700,400italic);
@import url(,700,400italic);
body { font-family: 'Droid Serif'; }
h1, h2, h3 {
font-family: 'Yanone Kaffeesatz';
font-weight: normal;
.remark-code, .remark-inline-code { font-family: 'Ubuntu Mono'; }
<textarea id="source">

class: center, middle

# Title


# Agenda

1. Introduction
2. Deep-dive
3. ...
<script src="">
var slideshow = remark.create();

Cyberchef update script​


# Github release API
# Fetch release id associated to "latest" tag
releaseID=`curl -s | jq -r .id`

# Fetch asset list for latest release and select download url based on filename regex
downloadUrl=`curl -s "$releaseID/assets" | jq -r '.[] | select(.name|test("CyberChef_v?.*zip"))|.browser_download_url'`

# Download archive to tmp directory
wget $downloadUrl -O /tmp/

# Test if file is an archive
if [[ ! $(file -b --mime-type /tmp/ == "application/zip" ]]
logger "[CRITICAL] World-Best tool (CyberChef) update script failed, investigation needed"
exit -1

# Replace old CyberChef install
rm -rf /var/www/CyberChef/*
7z x /tmp/ -o/var/www/CyberChef/

# rename main file to index.html

mv /var/www/CyberChef/CyberChef_v*.html /var/www/CyberChef/index.html
rm /tmp/

Generate PDF​

cd /tmp
docker run --rm -t -v /tmp:/slides astefanutti/decktape --chrome-arg=--no-sandbox /tmp/index.html slides.pdf