git-dumper
CyberChef
git-dumper | CyberChef | |
---|---|---|
2 | 286 | |
1,631 | 25,649 | |
- | 2.5% | |
6.7 | 9.3 | |
about 2 months ago | 3 days ago | |
Python | JavaScript | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
git-dumper
-
HTB - Pilgrimage Writeup
Now we know for sure there is a /.git/ folder on the server. Now we can use a tool like Git dumperto extract all of the information from the git folder on to our own machine and take a look at the source code.
- Write-up: Git Exposed, weak password reset and account takeover.
CyberChef
-
PicoCTF 2024: packer
Then we take the encrypted text and use CyberChef to decrypt it.
-
Unbreakable 2024: secrets-of-winter
Let's go to CyberChef and insert our pieces of evidence.
-
YouTube: Google has found a way to break Invidious
A parameter was changed from '2AMBCgIQBg' to 'CgIIAdgDAQ%3D%3D' which is just the correct base64 encoding they should have been using the entire time.
I don't think this was a hostile action by Google, I think someone just added better input validation for security reasons and it accidently broke the bad requests they were sending.
https://gchq.github.io/CyberChef/#recipe=URL_Decode()From_Ba...
-
PicoCTF 2024- CanYouSee
❗This is indeed the flag, but the text is encrypted with Base64. Usually, the presence of padding character "=" indicates that's Base64 type of encoding (but that's only one of the hints). To decrypt it, we can use CyberChef. Copy-paste the text and we either:
-
CyberChef VS DevToolboxWeb - a user suggested alternative
2 projects | 6 Feb 2024
-
CyberChef from GCHQ: The Cyber Swiss Army Knife
It uses a combination of magic bytes (like the `file` command), entropy analysis and character frequency detection to determine whether an output is likely to be of interest to the user.
The file type mechanism is written here[0]. There's a list of all signatures we detect here[1].
[0] https://github.com/gchq/CyberChef/blob/master/src/core/lib/F...
- Show HN: File Hider
- UK GCHQ's CyberChef
-
Lets try this again. Got a code for you to break.
I think this can be deciphered using CyberChef...
- CyberChef is a useful tool for decoding information.
What are some alternatives?
devops-exercises - Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP, DNS, Elastic, Network, Virtualization. DevOps Interview Questions
QR-Code-generator - High-quality QR Code generator library in Java, TypeScript/JavaScript, Python, Rust, C++, C.
dev-setup - macOS development environment setup: Easy-to-understand instructions with automated setup scripts for developer tools like Vim, Sublime Text, Bash, iTerm, Python data analysis, Spark, Hadoop MapReduce, AWS, Heroku, JavaScript web development, Android development, common data stores, and dev-based OS X defaults.
CapRover - Scalable PaaS (automated Docker+nginx) - aka Heroku on Steroids
CVE-2022-44268 - A PoC for the CVE-2022-44268 - ImageMagick arbitrary file read
py4e - Web site for www.py4e.com and source to the Python 3.0 textbook
100-redteam-projects - Projects for security students
cyberchef-recipes - A list of cyber-chef recipes and curated links
ImageMagick - 🧙♂️ ImageMagick 7
Ciphey - ⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Monica - Personal CRM. Remember everything about your friends, family and business relationships.
binwalk - Firmware Analysis Tool [Moved to: https://github.com/ReFirmLabs/binwalk]