Ngrok: External connectivity for your PoCs

Ngrok is an application that gives you a way to access your local service from the Internet. It can be a useful tool to test your PoCs. The app has a free tier for non-commercial projects.
Installation and configuration: https://ngrok.com/docs/getting-started
Sign up for Ngrok and download the app. It is a portable app, so you just have to download the file and run it. No dependencies

Oh my Zsh (Mac OS / Linux) – Install + Config

If the Zsh shell is not already installed:
$ sudo apt install zsh
Change the default shell:
$ chsh -s /bin/zsh
# usermod --shell /usr/bin/zsh <username>
Note: This process needs to be done for every user in the system that wants to use this shell (root included).
Install Oh My Zsh: https://ohmyz.sh/
$ sh -c "$(curl -fsSL https://raw.github.com/ohmyzsh/ohmyzsh/master/tools/install.sh)"
PowerLevel10k ZSH theme: https://github.com/romkatv/powerlevel10k
$ git clone --depth=1 https://github.com/romkatv/powerlevel10k.git ${ZSH_CUSTOM:-$HOME/.oh-my-zsh/custom}/themes/powerlevel10k
Add the powerlevel10k theme to

Take a quick screenshot in your Mac

This is a quick way to take a screenshot of a specific region on a MacBook:
Open the screenshot app and select how screenshots are going to be handled once taken. I prefer to save it into the clipboard.
Press Shift + Command + 4 at the same time.
Select the area you want to capture.
Release the mouse.
Now the screenshot will be in your clipboard ready to

Pentest web checklist with Obsidian

If you are looking for a checklist for your web pentests, you can try this one. It is a checklist created by six2dez. In this GitHub repository, you’ll find this and many other resources for your pentests. Check it out! The way I use it is with Obsidian as a template. In Obsidian, I create a new file and insert this checklist as a template. I use the key-binding ⌘ T

HTB GoodGames

$ nmap -sV -p- goodgames.htb --min-rate 5000
http://goodgames.htb/
We can test if this site is vulnerable to SQL injection. If we just add a ', we can reach the login page with a registration form.
http://internal-administration.goodgames.htb/
We don’t have credentials for this site, but as we’ve confirmed there is an SQL injection, let’s try to exploit it. First, we need to know how many columns exist.
email=admin%40test.com' union all

Kali Linux 2022.1 & MacBook M1 Pro – boot issue

In one of the latest Kali updates a new kernel was installed, and now if I try to run it inside my VM app (VMware Fusion and Parallels) on my MacBook Pro with an M1 Pro processor, it gives an error. Until I find a better solution or a new update solves this issue, there is a workaround that can be used to boot Kali Linux again. The fix is just

Mac OS Finder: Shortcut to show hidden files

To show all hidden folders and files in Finder, you just need to press:

How to delete Git last commit

$ git push -f origin HEAD^:master

Share files with your VM without sharing a folder

When you use a VM, you often need to transfer files from the host to the VM and vice versa. One of the usual options for that is a shared folder, which has to be configured beforehand. Sometimes you can run into an issue with this configuration, and it is not as easy to set up as it should be. Here is when Magic Wormhole comes to the

HTB Swagshop

$ nmap -p- -sV 10.10.10.140
$ sudo nano /etc/hosts
Access http://swagshop.htb/
As we are facing a Magento site, we can use Magescan to check it.
$ wget https://github.com/steverobbins/magescan/releases/download/v1.12.9/magescan.phar
$ php magescan.phar scan:all http://swagshop.htb
From the magescan report, if we look into the patches, the first one is SUPEE-5344.
https://magento.com/security/patches/supee-5344-%E2%80%93-shoplift-bug-patch
https://blog.sucuri.net/2015/04/magento-shoplift-supee-5344-exploits-in-the-wild.html
https://github.com/joren485/Magento-Shoplift-SQLI/blob/master/poc.py
With this PoC, you should be able to add an admin user.
$ python3 poc.py swagshop.htb
Access http://swagshop.htb/index.php/admin
The “Froghopper” Attack
After