#platform/linux #target/remote #cat/AD #tag/enum
./linWinPwn.sh -t <dc_ip>
moscowchill
moscowchill
/ vote_security_test.go
Created
February 9, 2026 10:03
PoC: BSC double-sign evidence self-comparison bug (core/types/vote.go:110)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package types | |
| import ( | |
| "bytes" | |
| "testing" | |
| "github.com/ethereum/go-ethereum/common" | |
| ) | |
| // TestSelfComparisonBug_DifferentAddressesAccepted proves that |
moscowchill
/ host_case_bypass_test.go
Created
February 9, 2026 08:05
PoC: Caddy MatchHost case-sensitive binary search bypass (>100 hosts)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package caddyhttp | |
| import ( | |
| "context" | |
| "fmt" | |
| "net/http" | |
| "testing" | |
| "github.com/caddyserver/caddy/v2" | |
| ) |
moscowchill
/ connpolicy_swallowed_err_test.go
Created
February 9, 2026 07:39
PoC test: mTLS fail-open due to swallowed errors in Caddy connpolicy.go
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package caddytls | |
| import ( | |
| "crypto/ecdsa" | |
| "crypto/elliptic" | |
| "crypto/rand" | |
| "crypto/tls" | |
| "crypto/x509" | |
| "crypto/x509/pkix" | |
| "encoding/pem" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #cloud-config | |
| # Update package cache | |
| package_update: true | |
| package_upgrade: true | |
| # Install base packages | |
| packages: | |
| - curl | |
| - wget |
moscowchill
/ linwinpwn_cheats.md
Created
September 8, 2025 08:36
Linwinpwn cheatsheet for use with arsenal and linwinpwn.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # projectdiscovery | |
| #platform/linux #target/remote #cat/RECON #tag/scan | |
| ## ProjectDiscovery - intern top/100 web ports nuclei killchain | |
| ``` | |
| sudo /home/kali/go/bin/naabu -host <ip_range> -p 8080,10000,20000,2222,7080,9009,7443,2087,2096,8443,4100,2082,2083,2086,9999,2052,9001,9002,7000,7001,8082,8084,8085,8010,9000,2078,2080,2079,2053,2095,4000,5280,8888,9443,5800,631,8000,8008,8087,84,85,86,88,10125,9003,7071,8383,7547,3434,10443,8089,3004,81,4567,7081,82,444,1935,3000,9998,4433,4431,4443,83,90,8001,8099,80,300,443,591,593,832,981,1010,1311,2480,3128,3333,4243,4711,4712,4993,5000,5104,5108,6543,7396,7474,8014,8042,8069,8081,8088,8090,8091,8118,8123,8172,8222,8243,8280,8281,8333,8500,8834,8880,8983,9043,9060,9080,9090,9091,9200,9800,9981,12443,16080,18091,18092,20720,28017 -silent -stats | httpx -silent -o <output_file> | nuclei -headless -s low,medium,high,critical -o <output_file> | |
| ``` | |
| ## ProjectDiscovery - targets file top/100 web ports nuclei killchain | |
| ``` |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # 2020.02.18 - @nyxgeek - TrustedSec | |
| # generate weak passwords based on current date | |
| import datetime | |
| from datetime import datetime, timedelta | |
| import argparse | |
| parser = argparse.ArgumentParser(description='Maakt password spraying list en schijft naar latest_passwords.txt (zonder argumenten)') | |
| parser.add_argument('-u', '--uitgebreid', dest='uitgebreid', action='store_true', help='Maakt de lijst uitgebreider') | |
| parser.add_argument('-l', '--lamer', dest='dolame', action='store_true', help='l33tspeak transmutate output') |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @echo off | |
| echo. | |
| openfiles > NUL 2>&1 | |
| if %errorlevel% NEQ 0 ( | |
| echo You are not running as Administrator... | |
| echo This batch cannot do it's job without elevation! | |
| echo. | |
| echo Right-click and select ^'Run as Administrator^' and try again... | |
| echo. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Function to check if directory exists | |
| create_directory_if_not_exist() { | |
| if [ ! -d "$1" ]; then | |
| mkdir -p "$1" | |
| fi | |
| } | |
| BASE_DIR="${HOME}/Project/ext_active" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Remove any old versions | |
| for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do | |
| sudo apt-get remove -y $pkg | |
| done | |
| # Update package index and install prerequisites | |
| sudo apt-get update | |
| sudo apt-get install -y ca-certificates curl |
NewerOlder