Home
Agr0 Hacks Stuff
Cancel

Writing your own SQLMap Tamper Scripts

I wrote a SQLMap tamper script that helped me out in something that vanilla SQLMap could not. The issue was that in order for a SQL Injection to be possible, the payload needed to bypass a preg_mat...

OS Commands with Python

First of all, I’m going to open this entire post by saying that this is for prototyping only. If you can use a python function or python module that has been built and tested properly rather than u...

My Nmap Cheat Sheet

Nmap is one of the cornerstones of penetration testing. It’s one of, if not the first command you run before you even consider what attack surface to focus on on your target. It’s the way to find o...

I made a Honeypot with Cowrie

To give credit where it is due, I decided to set up a honeypot as inspired by John Hammond. Recently he made a youtube video that described his setup and the resulting display of hundreds of red te...

Web Penetration Test Enumeration Guide

Everyone has their own methods they follow, and enumeration in general is a bit of an art form. This page will serve as kind of a reminder for myself for when I take a break from it and forget some...

Python Web Exploit Boilerplate

If I find a potential attack vector in which I can use Burpsuite Repeater or something, and I just generally want to work with the command line, I typically will code up a quick python script to in...

SQLMap ALL the Things!

SQLMap is a tremendous tool that we all should know in the infosec field. For those that don’t, it is a Swiss Army Knife of SQL Injections. The basic idea is that generally speaking, SQL Injections...

I use Arch, BTW

I use Arch, BTW. And you can too! The initial setup to getting to a useable Arch install can be daunting, and I had to read a bunch of different sources to learn how to do things the right way. Ge...

My Docker Cheat Sheet

This is my docker cheat sheet. There are many like it, but this one is mine. I’m not about to teach anyone anything that they can’t find on Docker docs, in fact that’s probably where you should go...

Vim Tricks

Vim (short for Vi-IMproved) is the greatest editor. Some may try to convince you that Nano is the greatest, some would say Notepad++, some would even say Emacs. These people are wrong. If anyone te...