Shockz
SHOCKZ
bash -i >& /dev/tcp/localhost/1337 0>&1

Pentesting & Red Team Lead | Offensive Security Engineer | Developer | Ethical Hacker | HTB & THM Player

Posts about Cybersecurity, CTF's, Ethical Hacking and other projects

Posts by Category and Tags

Posts by Tags

hackthebox

Missing In Action - Hack The Box Challenge hackthebox

  less than 1 minute read

missing Missing In Action it’s a osint challenge from HackTheBox where we will have to find out information about where it could be the missing person.

Money Flowz - Hack The Box Challenge hackthebox

  less than 1 minute read

money Money Flowz it’s a osint challenge from HackTheBox where we will have to find out information about cryto transactions

Breach - Hack The Box Challenge hackthebox

  less than 1 minute read

breach Breach it’s a osint challenge from HackTheBox where we will have to find out information in some files coming from a company leak.

Back to top ↑

challenge

Missing In Action - Hack The Box Challenge hackthebox

  less than 1 minute read

missing Missing In Action it’s a osint challenge from HackTheBox where we will have to find out information about where it could be the missing person.

Money Flowz - Hack The Box Challenge hackthebox

  less than 1 minute read

money Money Flowz it’s a osint challenge from HackTheBox where we will have to find out information about cryto transactions

Breach - Hack The Box Challenge hackthebox

  less than 1 minute read

breach Breach it’s a osint challenge from HackTheBox where we will have to find out information in some files coming from a company leak.

Back to top ↑

projects

SBounty - Project

  1 minute read

Sbounty is a script that leverages a combination of tools developed in bash and golang to create pipelines aimed at detecting vulnerabilities in web applications. This tool analyzes the routes obtained from a given URL in order to identify potential vulnerabilities, including XSS, SQLi, CORS, LFI, SSTI, Open Redirect, and SSRF.

Spotify CSV Exporter - Project

  1 minute read

This tool automates the process of exporting Spotify playlists and favorite songs in an organized manner, generating CSV files. It leverages the Sportify project to accomplish this. Additionally, it provides the flexibility to seamlessly migrate to other platforms or re-import the playlists back into Spotify, ensuring a smooth transition.

RDPShoot - Project

  1 minute read

title= This tool captures screenshots of Windows machines that have RDP enabled and NLA disabled, checks for open ports and disabled NLA, then transcribes text using OCR to generate a list of users from the captured images.

Grepz - Project

  2 minute read

grepz Grepz is a versatile command-line tool for searching and highlighting specific terms or regex in a text file. Its customizable color options and ability to display lines before and after a match provide context, and it also offers a special reporting mode that highlights matches with a box.

Forencics Recompiler for Linux - Project

  less than 1 minute read

This script will recompile most of the information that is usually obtained from a Linux system before an expert or forensic analysis. In addition all the information will be signed with SHA256.

Hill Cipher - Project

  1 minute read

The Hill cipher was proposed by Lester S. Hill in 1929, which is a polygraph substitution cryptosystem that uses the product of matrices to perform operations based on using a matrix as a key to encrypt a plaintext and its inverse to decrypt the corresponding cryptogram.

Browser Data Trojan for Windows - Project

  3 minute read

This client-server project allows the client to recompile all the information from the Chrome, Edge and OperaGX browsers and then compresses it and send it to the server via TCP to the server, although it also has the option of doing so via Stmp, on the other hand the server allows decrypting all files, including passwords, cookies, etc

IPGeo Grabber Omegle - Project

  2 minute read

This script allows to obtain the geolocation of the stranger in a video chat on the Omegle platform in real time through the capture of the public IP, thanks to the Peer-to-Peer communication with WebRTC that follows the web.

TV Time - Project

  less than 1 minute read

This script shows you how long it has taken you to watch a series or all your favorite series.

Reactions - Project

  1 minute read

reactions Reactions is an application with which you can test your reflexes and get in milliseconds or seconds your reaction speed. The application was made with the Flutter framework and programmed in Dart.

T.C.A.E Protocols - Project

  less than 1 minute read

T.C.A.E Protocols is an Android application that displays the various nursing assistant protocols, also allows saving in favorites and quick search.

Burguer King Sandy Bot - Project

  less than 1 minute read

This code allows you to automatically take the https://www.miexperienciabkespana.com surveys and get a code which you have to write on the front of a Burger King ticket. You will get a free MiniSandy or a free coffee. Only in Spain.

Whatsapp Web Spammer - Project

  less than 1 minute read

WhatsApp Web Spammer is a script that specifying the target (name of the victim), sends a number of messages that can be modified in the code automatically, and you will only have to scan the QR code of WhatsApp Web one time.

White Shark 3D - Project

  less than 1 minute read

White Shark 3D is a 3d modeling project, in which it was tried to be as faithful to the image of a white shark … less in the textures (despite being made by hand).

Walldown - Project

  less than 1 minute read

WallDown is a mobile application that allows you to view wallpapers based on a catalog or your own, and then set them as wallpaper on your device or download them.

PHP Code Analyzer - Project

  less than 1 minute read

This program analyzes several files (programmed in PHP) that are specified in the ‘directories’ file under the MVC model (Model, View, Controller), then it will analyze the codes and it will detect errors in comments, loops, control structures, variables, missing files, etc… It will also indicate where the failure is.

Battleship Sea Battle - Project

  less than 1 minute read

Battleship Sea Battle is a popular guessing, board game for two players. The locations of the fleets are concealed from the other player. The objective of the game is to destroy the opposing player’s fleet.

Back to top ↑

post

Back to top ↑

article

Back to top ↑

tryhackme

Mr.Robot 2021 - Try Hack Me/VulnHub tryhackme

  10 minute read

mr-robot Mr. Robot is a machine from Try Hack Me platform (Also available on VulnHub). I highly recommend you do this CTF not only because of the theme of the TV show but because it’s a good practice machine and it is an OSCP Like machine. On this machine we will have to brute force, exploit a Wordpress CMS which will be shown several ways to do so valid for the machine, perform more brute force and finally perform a privilege escalation via suid explotation.

Mr.Robot 2021 - Try Hack Me/VulnHub - Spanish Version tryhackme

  10 minute read

mr-robot Mr. Robot es una máquina de la plataforma Try Hack Me (También disponible en VulnHub). Os recomiendo encarecidamente que hagáis este CTF no sólo por la temática del programa de televisión sino porque es una buena máquina de práctica y es una máquina OSCP Like. En esta máquina tendremos que hacer fuerza bruta, explotar un CMS de Wordpress del que se mostrarán varias formas de hacerlo válidas para la máquina, realizar más fuerza bruta y finalmente realizar una escalada de privilegios mediante explotación de suid.

Back to top ↑

vulnhub

Mr.Robot 2021 - Try Hack Me/VulnHub tryhackme

  10 minute read

mr-robot Mr. Robot is a machine from Try Hack Me platform (Also available on VulnHub). I highly recommend you do this CTF not only because of the theme of the TV show but because it’s a good practice machine and it is an OSCP Like machine. On this machine we will have to brute force, exploit a Wordpress CMS which will be shown several ways to do so valid for the machine, perform more brute force and finally perform a privilege escalation via suid explotation.

Mr.Robot 2021 - Try Hack Me/VulnHub - Spanish Version tryhackme

  10 minute read

mr-robot Mr. Robot es una máquina de la plataforma Try Hack Me (También disponible en VulnHub). Os recomiendo encarecidamente que hagáis este CTF no sólo por la temática del programa de televisión sino porque es una buena máquina de práctica y es una máquina OSCP Like. En esta máquina tendremos que hacer fuerza bruta, explotar un CMS de Wordpress del que se mostrarán varias formas de hacerlo válidas para la máquina, realizar más fuerza bruta y finalmente realizar una escalada de privilegios mediante explotación de suid.

Back to top ↑

machine

Mr.Robot 2021 - Try Hack Me/VulnHub tryhackme

  10 minute read

mr-robot Mr. Robot is a machine from Try Hack Me platform (Also available on VulnHub). I highly recommend you do this CTF not only because of the theme of the TV show but because it’s a good practice machine and it is an OSCP Like machine. On this machine we will have to brute force, exploit a Wordpress CMS which will be shown several ways to do so valid for the machine, perform more brute force and finally perform a privilege escalation via suid explotation.

Mr.Robot 2021 - Try Hack Me/VulnHub - Spanish Version tryhackme

  10 minute read

mr-robot Mr. Robot es una máquina de la plataforma Try Hack Me (También disponible en VulnHub). Os recomiendo encarecidamente que hagáis este CTF no sólo por la temática del programa de televisión sino porque es una buena máquina de práctica y es una máquina OSCP Like. En esta máquina tendremos que hacer fuerza bruta, explotar un CMS de Wordpress del que se mostrarán varias formas de hacerlo válidas para la máquina, realizar más fuerza bruta y finalmente realizar una escalada de privilegios mediante explotación de suid.

Back to top ↑

scripting

Burguer King Sandy Bot - Project

  less than 1 minute read

This code allows you to automatically take the https://www.miexperienciabkespana.com surveys and get a code which you have to write on the front of a Burger King ticket. You will get a free MiniSandy or a free coffee. Only in Spain.

Whatsapp Web Spammer - Project

  less than 1 minute read

WhatsApp Web Spammer is a script that specifying the target (name of the victim), sends a number of messages that can be modified in the code automatically, and you will only have to scan the QR code of WhatsApp Web one time.

Back to top ↑

steganography

Back to top ↑

cipher

Hill Cipher - Project

  1 minute read

The Hill cipher was proposed by Lester S. Hill in 1929, which is a polygraph substitution cryptosystem that uses the product of matrices to perform operations based on using a matrix as a key to encrypt a plaintext and its inverse to decrypt the corresponding cryptogram.

Back to top ↑

web

Mr.Robot 2021 - Try Hack Me/VulnHub tryhackme

  10 minute read

mr-robot Mr. Robot is a machine from Try Hack Me platform (Also available on VulnHub). I highly recommend you do this CTF not only because of the theme of the TV show but because it’s a good practice machine and it is an OSCP Like machine. On this machine we will have to brute force, exploit a Wordpress CMS which will be shown several ways to do so valid for the machine, perform more brute force and finally perform a privilege escalation via suid explotation.

Mr.Robot 2021 - Try Hack Me/VulnHub - Spanish Version tryhackme

  10 minute read

mr-robot Mr. Robot es una máquina de la plataforma Try Hack Me (También disponible en VulnHub). Os recomiendo encarecidamente que hagáis este CTF no sólo por la temática del programa de televisión sino porque es una buena máquina de práctica y es una máquina OSCP Like. En esta máquina tendremos que hacer fuerza bruta, explotar un CMS de Wordpress del que se mostrarán varias formas de hacerlo válidas para la máquina, realizar más fuerza bruta y finalmente realizar una escalada de privilegios mediante explotación de suid.

Back to top ↑

python

Spotify CSV Exporter - Project

  1 minute read

This tool automates the process of exporting Spotify playlists and favorite songs in an organized manner, generating CSV files. It leverages the Sportify project to accomplish this. Additionally, it provides the flexibility to seamlessly migrate to other platforms or re-import the playlists back into Spotify, ensuring a smooth transition.

Hill Cipher - Project

  1 minute read

The Hill cipher was proposed by Lester S. Hill in 1929, which is a polygraph substitution cryptosystem that uses the product of matrices to perform operations based on using a matrix as a key to encrypt a plaintext and its inverse to decrypt the corresponding cryptogram.

Browser Data Trojan for Windows - Project

  3 minute read

This client-server project allows the client to recompile all the information from the Chrome, Edge and OperaGX browsers and then compresses it and send it to the server via TCP to the server, although it also has the option of doing so via Stmp, on the other hand the server allows decrypting all files, including passwords, cookies, etc

TV Time - Project

  less than 1 minute read

This script shows you how long it has taken you to watch a series or all your favorite series.

Burguer King Sandy Bot - Project

  less than 1 minute read

This code allows you to automatically take the https://www.miexperienciabkespana.com surveys and get a code which you have to write on the front of a Burger King ticket. You will get a free MiniSandy or a free coffee. Only in Spain.

Whatsapp Web Spammer - Project

  less than 1 minute read

WhatsApp Web Spammer is a script that specifying the target (name of the victim), sends a number of messages that can be modified in the code automatically, and you will only have to scan the QR code of WhatsApp Web one time.

Back to top ↑

misc

Back to top ↑

linux

SBounty - Project

  1 minute read

Sbounty is a script that leverages a combination of tools developed in bash and golang to create pipelines aimed at detecting vulnerabilities in web applications. This tool analyzes the routes obtained from a given URL in order to identify potential vulnerabilities, including XSS, SQLi, CORS, LFI, SSTI, Open Redirect, and SSRF.

Spotify CSV Exporter - Project

  1 minute read

This tool automates the process of exporting Spotify playlists and favorite songs in an organized manner, generating CSV files. It leverages the Sportify project to accomplish this. Additionally, it provides the flexibility to seamlessly migrate to other platforms or re-import the playlists back into Spotify, ensuring a smooth transition.

Mr.Robot 2021 - Try Hack Me/VulnHub tryhackme

  10 minute read

mr-robot Mr. Robot is a machine from Try Hack Me platform (Also available on VulnHub). I highly recommend you do this CTF not only because of the theme of the TV show but because it’s a good practice machine and it is an OSCP Like machine. On this machine we will have to brute force, exploit a Wordpress CMS which will be shown several ways to do so valid for the machine, perform more brute force and finally perform a privilege escalation via suid explotation.

Mr.Robot 2021 - Try Hack Me/VulnHub - Spanish Version tryhackme

  10 minute read

mr-robot Mr. Robot es una máquina de la plataforma Try Hack Me (También disponible en VulnHub). Os recomiendo encarecidamente que hagáis este CTF no sólo por la temática del programa de televisión sino porque es una buena máquina de práctica y es una máquina OSCP Like. En esta máquina tendremos que hacer fuerza bruta, explotar un CMS de Wordpress del que se mostrarán varias formas de hacerlo válidas para la máquina, realizar más fuerza bruta y finalmente realizar una escalada de privilegios mediante explotación de suid.

Forencics Recompiler for Linux - Project

  less than 1 minute read

This script will recompile most of the information that is usually obtained from a Linux system before an expert or forensic analysis. In addition all the information will be signed with SHA256.

Back to top ↑

php

Mr.Robot 2021 - Try Hack Me/VulnHub tryhackme

  10 minute read

mr-robot Mr. Robot is a machine from Try Hack Me platform (Also available on VulnHub). I highly recommend you do this CTF not only because of the theme of the TV show but because it’s a good practice machine and it is an OSCP Like machine. On this machine we will have to brute force, exploit a Wordpress CMS which will be shown several ways to do so valid for the machine, perform more brute force and finally perform a privilege escalation via suid explotation.

Mr.Robot 2021 - Try Hack Me/VulnHub - Spanish Version tryhackme

  10 minute read

mr-robot Mr. Robot es una máquina de la plataforma Try Hack Me (También disponible en VulnHub). Os recomiendo encarecidamente que hagáis este CTF no sólo por la temática del programa de televisión sino porque es una buena máquina de práctica y es una máquina OSCP Like. En esta máquina tendremos que hacer fuerza bruta, explotar un CMS de Wordpress del que se mostrarán varias formas de hacerlo válidas para la máquina, realizar más fuerza bruta y finalmente realizar una escalada de privilegios mediante explotación de suid.

PHP Code Analyzer - Project

  less than 1 minute read

This program analyzes several files (programmed in PHP) that are specified in the ‘directories’ file under the MVC model (Model, View, Controller), then it will analyze the codes and it will detect errors in comments, loops, control structures, variables, missing files, etc… It will also indicate where the failure is.

Back to top ↑

osint

Missing In Action - Hack The Box Challenge hackthebox

  less than 1 minute read

missing Missing In Action it’s a osint challenge from HackTheBox where we will have to find out information about where it could be the missing person.

Money Flowz - Hack The Box Challenge hackthebox

  less than 1 minute read

money Money Flowz it’s a osint challenge from HackTheBox where we will have to find out information about cryto transactions

Breach - Hack The Box Challenge hackthebox

  less than 1 minute read

breach Breach it’s a osint challenge from HackTheBox where we will have to find out information in some files coming from a company leak.

Back to top ↑

java

T.C.A.E Protocols - Project

  less than 1 minute read

T.C.A.E Protocols is an Android application that displays the various nursing assistant protocols, also allows saving in favorites and quick search.

Walldown - Project

  less than 1 minute read

WallDown is a mobile application that allows you to view wallpapers based on a catalog or your own, and then set them as wallpaper on your device or download them.

Back to top ↑

bruteforce

Mr.Robot 2021 - Try Hack Me/VulnHub tryhackme

  10 minute read

mr-robot Mr. Robot is a machine from Try Hack Me platform (Also available on VulnHub). I highly recommend you do this CTF not only because of the theme of the TV show but because it’s a good practice machine and it is an OSCP Like machine. On this machine we will have to brute force, exploit a Wordpress CMS which will be shown several ways to do so valid for the machine, perform more brute force and finally perform a privilege escalation via suid explotation.

Mr.Robot 2021 - Try Hack Me/VulnHub - Spanish Version tryhackme

  10 minute read

mr-robot Mr. Robot es una máquina de la plataforma Try Hack Me (También disponible en VulnHub). Os recomiendo encarecidamente que hagáis este CTF no sólo por la temática del programa de televisión sino porque es una buena máquina de práctica y es una máquina OSCP Like. En esta máquina tendremos que hacer fuerza bruta, explotar un CMS de Wordpress del que se mostrarán varias formas de hacerlo válidas para la máquina, realizar más fuerza bruta y finalmente realizar una escalada de privilegios mediante explotación de suid.

Back to top ↑

golang

SBounty - Project

  1 minute read

Sbounty is a script that leverages a combination of tools developed in bash and golang to create pipelines aimed at detecting vulnerabilities in web applications. This tool analyzes the routes obtained from a given URL in order to identify potential vulnerabilities, including XSS, SQLi, CORS, LFI, SSTI, Open Redirect, and SSRF.

Grepz - Project

  2 minute read

grepz Grepz is a versatile command-line tool for searching and highlighting specific terms or regex in a text file. Its customizable color options and ability to display lines before and after a match provide context, and it also offers a special reporting mode that highlights matches with a box.

Back to top ↑

android

Reactions - Project

  1 minute read

reactions Reactions is an application with which you can test your reflexes and get in milliseconds or seconds your reaction speed. The application was made with the Flutter framework and programmed in Dart.

T.C.A.E Protocols - Project

  less than 1 minute read

T.C.A.E Protocols is an Android application that displays the various nursing assistant protocols, also allows saving in favorites and quick search.

Walldown - Project

  less than 1 minute read

WallDown is a mobile application that allows you to view wallpapers based on a catalog or your own, and then set them as wallpaper on your device or download them.

Back to top ↑

app

Reactions - Project

  1 minute read

reactions Reactions is an application with which you can test your reflexes and get in milliseconds or seconds your reaction speed. The application was made with the Flutter framework and programmed in Dart.

T.C.A.E Protocols - Project

  less than 1 minute read

T.C.A.E Protocols is an Android application that displays the various nursing assistant protocols, also allows saving in favorites and quick search.

Walldown - Project

  less than 1 minute read

WallDown is a mobile application that allows you to view wallpapers based on a catalog or your own, and then set them as wallpaper on your device or download them.

Back to top ↑

script

Spotify CSV Exporter - Project

  1 minute read

This tool automates the process of exporting Spotify playlists and favorite songs in an organized manner, generating CSV files. It leverages the Sportify project to accomplish this. Additionally, it provides the flexibility to seamlessly migrate to other platforms or re-import the playlists back into Spotify, ensuring a smooth transition.

Back to top ↑

pentesting

SBounty - Project

  1 minute read

Sbounty is a script that leverages a combination of tools developed in bash and golang to create pipelines aimed at detecting vulnerabilities in web applications. This tool analyzes the routes obtained from a given URL in order to identify potential vulnerabilities, including XSS, SQLi, CORS, LFI, SSTI, Open Redirect, and SSRF.

RDPShoot - Project

  1 minute read

title= This tool captures screenshots of Windows machines that have RDP enabled and NLA disabled, checks for open ports and disabled NLA, then transcribes text using OCR to generate a list of users from the captured images.

Back to top ↑

selenium

Burguer King Sandy Bot - Project

  less than 1 minute read

This code allows you to automatically take the https://www.miexperienciabkespana.com surveys and get a code which you have to write on the front of a Burger King ticket. You will get a free MiniSandy or a free coffee. Only in Spain.

Whatsapp Web Spammer - Project

  less than 1 minute read

WhatsApp Web Spammer is a script that specifying the target (name of the victim), sends a number of messages that can be modified in the code automatically, and you will only have to scan the QR code of WhatsApp Web one time.

Back to top ↑

image-processing

Back to top ↑

flask

Back to top ↑

ssti

Back to top ↑

rce

Back to top ↑

reconnaissance

Grepz - Project

  2 minute read

grepz Grepz is a versatile command-line tool for searching and highlighting specific terms or regex in a text file. Its customizable color options and ability to display lines before and after a match provide context, and it also offers a special reporting mode that highlights matches with a box.

Back to top ↑

wordpress

Mr.Robot 2021 - Try Hack Me/VulnHub tryhackme

  10 minute read

mr-robot Mr. Robot is a machine from Try Hack Me platform (Also available on VulnHub). I highly recommend you do this CTF not only because of the theme of the TV show but because it’s a good practice machine and it is an OSCP Like machine. On this machine we will have to brute force, exploit a Wordpress CMS which will be shown several ways to do so valid for the machine, perform more brute force and finally perform a privilege escalation via suid explotation.

Mr.Robot 2021 - Try Hack Me/VulnHub - Spanish Version tryhackme

  10 minute read

mr-robot Mr. Robot es una máquina de la plataforma Try Hack Me (También disponible en VulnHub). Os recomiendo encarecidamente que hagáis este CTF no sólo por la temática del programa de televisión sino porque es una buena máquina de práctica y es una máquina OSCP Like. En esta máquina tendremos que hacer fuerza bruta, explotar un CMS de Wordpress del que se mostrarán varias formas de hacerlo válidas para la máquina, realizar más fuerza bruta y finalmente realizar una escalada de privilegios mediante explotación de suid.

Back to top ↑

suid

Mr.Robot 2021 - Try Hack Me/VulnHub tryhackme

  10 minute read

mr-robot Mr. Robot is a machine from Try Hack Me platform (Also available on VulnHub). I highly recommend you do this CTF not only because of the theme of the TV show but because it’s a good practice machine and it is an OSCP Like machine. On this machine we will have to brute force, exploit a Wordpress CMS which will be shown several ways to do so valid for the machine, perform more brute force and finally perform a privilege escalation via suid explotation.

Mr.Robot 2021 - Try Hack Me/VulnHub - Spanish Version tryhackme

  10 minute read

mr-robot Mr. Robot es una máquina de la plataforma Try Hack Me (También disponible en VulnHub). Os recomiendo encarecidamente que hagáis este CTF no sólo por la temática del programa de televisión sino porque es una buena máquina de práctica y es una máquina OSCP Like. En esta máquina tendremos que hacer fuerza bruta, explotar un CMS de Wordpress del que se mostrarán varias formas de hacerlo válidas para la máquina, realizar más fuerza bruta y finalmente realizar una escalada de privilegios mediante explotación de suid.

Back to top ↑

privilege-escalation

Mr.Robot 2021 - Try Hack Me/VulnHub tryhackme

  10 minute read

mr-robot Mr. Robot is a machine from Try Hack Me platform (Also available on VulnHub). I highly recommend you do this CTF not only because of the theme of the TV show but because it’s a good practice machine and it is an OSCP Like machine. On this machine we will have to brute force, exploit a Wordpress CMS which will be shown several ways to do so valid for the machine, perform more brute force and finally perform a privilege escalation via suid explotation.

Mr.Robot 2021 - Try Hack Me/VulnHub - Spanish Version tryhackme

  10 minute read

mr-robot Mr. Robot es una máquina de la plataforma Try Hack Me (También disponible en VulnHub). Os recomiendo encarecidamente que hagáis este CTF no sólo por la temática del programa de televisión sino porque es una buena máquina de práctica y es una máquina OSCP Like. En esta máquina tendremos que hacer fuerza bruta, explotar un CMS de Wordpress del que se mostrarán varias formas de hacerlo válidas para la máquina, realizar más fuerza bruta y finalmente realizar una escalada de privilegios mediante explotación de suid.

Back to top ↑

reverse-shell

Mr.Robot 2021 - Try Hack Me/VulnHub tryhackme

  10 minute read

mr-robot Mr. Robot is a machine from Try Hack Me platform (Also available on VulnHub). I highly recommend you do this CTF not only because of the theme of the TV show but because it’s a good practice machine and it is an OSCP Like machine. On this machine we will have to brute force, exploit a Wordpress CMS which will be shown several ways to do so valid for the machine, perform more brute force and finally perform a privilege escalation via suid explotation.

Mr.Robot 2021 - Try Hack Me/VulnHub - Spanish Version tryhackme

  10 minute read

mr-robot Mr. Robot es una máquina de la plataforma Try Hack Me (También disponible en VulnHub). Os recomiendo encarecidamente que hagáis este CTF no sólo por la temática del programa de televisión sino porque es una buena máquina de práctica y es una máquina OSCP Like. En esta máquina tendremos que hacer fuerza bruta, explotar un CMS de Wordpress del que se mostrarán varias formas de hacerlo válidas para la máquina, realizar más fuerza bruta y finalmente realizar una escalada de privilegios mediante explotación de suid.

Back to top ↑

wpscan

Mr.Robot 2021 - Try Hack Me/VulnHub tryhackme

  10 minute read

mr-robot Mr. Robot is a machine from Try Hack Me platform (Also available on VulnHub). I highly recommend you do this CTF not only because of the theme of the TV show but because it’s a good practice machine and it is an OSCP Like machine. On this machine we will have to brute force, exploit a Wordpress CMS which will be shown several ways to do so valid for the machine, perform more brute force and finally perform a privilege escalation via suid explotation.

Mr.Robot 2021 - Try Hack Me/VulnHub - Spanish Version tryhackme

  10 minute read

mr-robot Mr. Robot es una máquina de la plataforma Try Hack Me (También disponible en VulnHub). Os recomiendo encarecidamente que hagáis este CTF no sólo por la temática del programa de televisión sino porque es una buena máquina de práctica y es una máquina OSCP Like. En esta máquina tendremos que hacer fuerza bruta, explotar un CMS de Wordpress del que se mostrarán varias formas de hacerlo válidas para la máquina, realizar más fuerza bruta y finalmente realizar una escalada de privilegios mediante explotación de suid.

Back to top ↑

hydra

Mr.Robot 2021 - Try Hack Me/VulnHub tryhackme

  10 minute read

mr-robot Mr. Robot is a machine from Try Hack Me platform (Also available on VulnHub). I highly recommend you do this CTF not only because of the theme of the TV show but because it’s a good practice machine and it is an OSCP Like machine. On this machine we will have to brute force, exploit a Wordpress CMS which will be shown several ways to do so valid for the machine, perform more brute force and finally perform a privilege escalation via suid explotation.

Mr.Robot 2021 - Try Hack Me/VulnHub - Spanish Version tryhackme

  10 minute read

mr-robot Mr. Robot es una máquina de la plataforma Try Hack Me (También disponible en VulnHub). Os recomiendo encarecidamente que hagáis este CTF no sólo por la temática del programa de televisión sino porque es una buena máquina de práctica y es una máquina OSCP Like. En esta máquina tendremos que hacer fuerza bruta, explotar un CMS de Wordpress del que se mostrarán varias formas de hacerlo válidas para la máquina, realizar más fuerza bruta y finalmente realizar una escalada de privilegios mediante explotación de suid.

Back to top ↑

log4shell

Back to top ↑

cve-2021-44228

Back to top ↑

log4j

Back to top ↑

zero-day

Back to top ↑

cybersecurity

Back to top ↑

windows

Spotify CSV Exporter - Project

  1 minute read

This tool automates the process of exporting Spotify playlists and favorite songs in an organized manner, generating CSV files. It leverages the Sportify project to accomplish this. Additionally, it provides the flexibility to seamlessly migrate to other platforms or re-import the playlists back into Spotify, ensuring a smooth transition.

Back to top ↑

backup

Spotify CSV Exporter - Project

  1 minute read

This tool automates the process of exporting Spotify playlists and favorite songs in an organized manner, generating CSV files. It leverages the Sportify project to accomplish this. Additionally, it provides the flexibility to seamlessly migrate to other platforms or re-import the playlists back into Spotify, ensuring a smooth transition.

Back to top ↑

automatitation

Spotify CSV Exporter - Project

  1 minute read

This tool automates the process of exporting Spotify playlists and favorite songs in an organized manner, generating CSV files. It leverages the Sportify project to accomplish this. Additionally, it provides the flexibility to seamlessly migrate to other platforms or re-import the playlists back into Spotify, ensuring a smooth transition.

Back to top ↑

bash

SBounty - Project

  1 minute read

Sbounty is a script that leverages a combination of tools developed in bash and golang to create pipelines aimed at detecting vulnerabilities in web applications. This tool analyzes the routes obtained from a given URL in order to identify potential vulnerabilities, including XSS, SQLi, CORS, LFI, SSTI, Open Redirect, and SSRF.

RDPShoot - Project

  1 minute read

title= This tool captures screenshots of Windows machines that have RDP enabled and NLA disabled, checks for open ports and disabled NLA, then transcribes text using OCR to generate a list of users from the captured images.

Back to top ↑

reporting

RDPShoot - Project

  1 minute read

title= This tool captures screenshots of Windows machines that have RDP enabled and NLA disabled, checks for open ports and disabled NLA, then transcribes text using OCR to generate a list of users from the captured images.

Back to top ↑

vulnerabilities

SBounty - Project

  1 minute read

Sbounty is a script that leverages a combination of tools developed in bash and golang to create pipelines aimed at detecting vulnerabilities in web applications. This tool analyzes the routes obtained from a given URL in order to identify potential vulnerabilities, including XSS, SQLi, CORS, LFI, SSTI, Open Redirect, and SSRF.

Back to top ↑

c

Battleship Sea Battle - Project

  less than 1 minute read

Battleship Sea Battle is a popular guessing, board game for two players. The locations of the fleets are concealed from the other player. The objective of the game is to destroy the opposing player’s fleet.

Back to top ↑

game

Battleship Sea Battle - Project

  less than 1 minute read

Battleship Sea Battle is a popular guessing, board game for two players. The locations of the fleets are concealed from the other player. The objective of the game is to destroy the opposing player’s fleet.

Back to top ↑

code-analyzer

PHP Code Analyzer - Project

  less than 1 minute read

This program analyzes several files (programmed in PHP) that are specified in the ‘directories’ file under the MVC model (Model, View, Controller), then it will analyze the codes and it will detect errors in comments, loops, control structures, variables, missing files, etc… It will also indicate where the failure is.

Back to top ↑

3d-design

White Shark 3D - Project

  less than 1 minute read

White Shark 3D is a 3d modeling project, in which it was tried to be as faithful to the image of a white shark … less in the textures (despite being made by hand).

Back to top ↑

c++

White Shark 3D - Project

  less than 1 minute read

White Shark 3D is a 3d modeling project, in which it was tried to be as faithful to the image of a white shark … less in the textures (despite being made by hand).

Back to top ↑

dart

Reactions - Project

  1 minute read

reactions Reactions is an application with which you can test your reflexes and get in milliseconds or seconds your reaction speed. The application was made with the Flutter framework and programmed in Dart.

Back to top ↑

flutter

Reactions - Project

  1 minute read

reactions Reactions is an application with which you can test your reflexes and get in milliseconds or seconds your reaction speed. The application was made with the Flutter framework and programmed in Dart.

Back to top ↑

ios

Reactions - Project

  1 minute read

reactions Reactions is an application with which you can test your reflexes and get in milliseconds or seconds your reaction speed. The application was made with the Flutter framework and programmed in Dart.

Back to top ↑

javascript

IPGeo Grabber Omegle - Project

  2 minute read

This script allows to obtain the geolocation of the stranger in a video chat on the Omegle platform in real time through the capture of the public IP, thanks to the Peer-to-Peer communication with WebRTC that follows the web.

Back to top ↑

webrtc

IPGeo Grabber Omegle - Project

  2 minute read

This script allows to obtain the geolocation of the stranger in a video chat on the Omegle platform in real time through the capture of the public IP, thanks to the Peer-to-Peer communication with WebRTC that follows the web.

Back to top ↑

omegle

IPGeo Grabber Omegle - Project

  2 minute read

This script allows to obtain the geolocation of the stranger in a video chat on the Omegle platform in real time through the capture of the public IP, thanks to the Peer-to-Peer communication with WebRTC that follows the web.

Back to top ↑

malware

Browser Data Trojan for Windows - Project

  3 minute read

This client-server project allows the client to recompile all the information from the Chrome, Edge and OperaGX browsers and then compresses it and send it to the server via TCP to the server, although it also has the option of doing so via Stmp, on the other hand the server allows decrypting all files, including passwords, cookies, etc

Back to top ↑

exfiltrate-data

Browser Data Trojan for Windows - Project

  3 minute read

This client-server project allows the client to recompile all the information from the Chrome, Edge and OperaGX browsers and then compresses it and send it to the server via TCP to the server, although it also has the option of doing so via Stmp, on the other hand the server allows decrypting all files, including passwords, cookies, etc

Back to top ↑

av-evasion

Browser Data Trojan for Windows - Project

  3 minute read

This client-server project allows the client to recompile all the information from the Chrome, Edge and OperaGX browsers and then compresses it and send it to the server via TCP to the server, although it also has the option of doing so via Stmp, on the other hand the server allows decrypting all files, including passwords, cookies, etc

Back to top ↑

sqlite

Back to top ↑

xor-bruteforce

Back to top ↑

autopwn

Back to top ↑

email-spoofing

Back to top ↑

dns

Back to top ↑

reversing

Back to top ↑

rle-decode

Back to top ↑

brainfuck-cipher

Back to top ↑

xss

Back to top ↑

sqli

Back to top ↑

jinja

Back to top ↑

remote-execution

Back to top ↑

lfi

Back to top ↑

lfi-to-ce

Back to top ↑

ce-to-rce

Back to top ↑

nodejs

Back to top ↑

prototype-pollution

Back to top ↑

md5

Back to top ↑

bypass

Back to top ↑

decoding

Back to top ↑

scanner

Back to top ↑

threading

Back to top ↑

forencics

Forencics Recompiler for Linux - Project

  less than 1 minute read

This script will recompile most of the information that is usually obtained from a Linux system before an expert or forensic analysis. In addition all the information will be signed with SHA256.

Back to top ↑

rubberducky

Back to top ↑

whid-injector

Back to top ↑

cactus-whid

Back to top ↑

hacking-tools

Back to top ↑

bad-usb

Back to top ↑

quantum

Back to top ↑

programming

Back to top ↑

searching

Grepz - Project

  2 minute read

grepz Grepz is a versatile command-line tool for searching and highlighting specific terms or regex in a text file. Its customizable color options and ability to display lines before and after a match provide context, and it also offers a special reporting mode that highlights matches with a box.

Back to top ↑

analysis

Grepz - Project

  2 minute read

grepz Grepz is a versatile command-line tool for searching and highlighting specific terms or regex in a text file. Its customizable color options and ability to display lines before and after a match provide context, and it also offers a special reporting mode that highlights matches with a box.

Back to top ↑

notion

Back to top ↑

rdp

RDPShoot - Project

  1 minute read

title= This tool captures screenshots of Windows machines that have RDP enabled and NLA disabled, checks for open ports and disabled NLA, then transcribes text using OCR to generate a list of users from the captured images.

Back to top ↑

nla

RDPShoot - Project

  1 minute read

title= This tool captures screenshots of Windows machines that have RDP enabled and NLA disabled, checks for open ports and disabled NLA, then transcribes text using OCR to generate a list of users from the captured images.

Back to top ↑

users

RDPShoot - Project

  1 minute read

title= This tool captures screenshots of Windows machines that have RDP enabled and NLA disabled, checks for open ports and disabled NLA, then transcribes text using OCR to generate a list of users from the captured images.

Back to top ↑

wappalyzer

Back to top ↑

ucve

Back to top ↑

cve

Back to top ↑

nist

Back to top ↑

tecnologies

Back to top ↑

hacking

Back to top ↑

spotify

Spotify CSV Exporter - Project

  1 minute read

This tool automates the process of exporting Spotify playlists and favorite songs in an organized manner, generating CSV files. It leverages the Sportify project to accomplish this. Additionally, it provides the flexibility to seamlessly migrate to other platforms or re-import the playlists back into Spotify, ensuring a smooth transition.

Back to top ↑

bugbounty

SBounty - Project

  1 minute read

Sbounty is a script that leverages a combination of tools developed in bash and golang to create pipelines aimed at detecting vulnerabilities in web applications. This tool analyzes the routes obtained from a given URL in order to identify potential vulnerabilities, including XSS, SQLi, CORS, LFI, SSTI, Open Redirect, and SSRF.

Back to top ↑

hackng

SBounty - Project

  1 minute read

Sbounty is a script that leverages a combination of tools developed in bash and golang to create pipelines aimed at detecting vulnerabilities in web applications. This tool analyzes the routes obtained from a given URL in order to identify potential vulnerabilities, including XSS, SQLi, CORS, LFI, SSTI, Open Redirect, and SSRF.

Back to top ↑