This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| __description__ = 'Analyzes Malicious PDF Object in Memory' | |
| __author__ = 'Brandon Dixon' | |
| __version__ = '1.0' | |
| __date__ = '2011/11/07' | |
| from object_builder import * | |
| import simplejson as json | |
| import optparse | |
| import malobjclass | |
| import codecs |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package | |
| { | |
| import flash.display.MovieClip; | |
| import flash.display.SimpleButton; | |
| import flash.display.Shape; | |
| import flash.events.Event; | |
| import flash.events.MouseEvent; | |
| import flash.net.*; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # V0.1 2008/05/23 | |
| # make-pdf-javascript, use it to create a PDF document with embedded JavaScript that will execute automatically when the document is opened | |
| # requires module mPDF.py | |
| # Source code put in public domain by Didier Stevens, no Copyright | |
| # https://DidierStevens.com | |
| # Use at your own risk | |
| # | |
| # History: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # module with simple class to build PDF documents with basic PDF elements | |
| # Source code put in public domain by Didier Stevens, no Copyright | |
| # https://DidierStevens.com | |
| # Use at your own risk | |
| # | |
| # History: | |
| # | |
| # 2008/05/18: continue |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //preserve originals | |
| var ori = function() { | |
| var self = this; | |
| this.unescape = unescape; | |
| this.alert = alert; | |
| this.eval = eval; | |
| this.fromCharCode = String.fromCharCode; | |
| this.call_unescape = function(e) { | |
| document.write("<br>original unescape was passed data"); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import smtplib | |
| import socket | |
| from email.mime.text import MIMEText | |
| def sendmail(user): | |
| sender = "admin@smscatfacts.com" | |
| recv = user | |
| subject = "Shave it up!" |
9b
/ clean_tibet.py
Created
March 21, 2012 03:57
Parse the Twitter stream for #tibet or #freetibet and identify potential spammers based on static traits.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import pycurl | |
| import simplejson as json | |
| import urllib | |
| import time | |
| import datetime | |
| STREAM_URL = "https://stream.twitter.com/1/statuses/filter.json" | |
| USER = "YOUR USERNAME" | |
| PASS = "YOUR PASSWORD" |
9b
/ string_rippah.py
Created
March 22, 2012 20:16
Build JSON structure representing how often a given string occurs and insert into a mongodb collection
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var map = function () { | |
| fhash = this.hash; | |
| this.static.strings.forEach(function (z) {emit(z.name, {hash: fhash, count_sum: z.count, count: 1});}); | |
| } | |
| var reduce = function (key, values) { | |
| var hashes = [];var total = 0;var count = 0;var stotal = 0; | |
| for (var i = 0; i < values.length; i++) { | |
| stotal += values[i].count; | |
| total += values[i].count_sum; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import base64 | |
| import sys | |
| def main(): | |
| if len(sys.argv) < 3: | |
| sys.exit('Usage (2 arguments): %s "%s" %s' % (sys.argv[0],"malicious file","outfile")) | |
| else: | |
| f = open(sys.argv[1],"rb") | |
| con = f.read() | |
| f.close() |
9b
/ poorMansConvert.py
Created
May 19, 2013 20:00
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| def poorMansConvert(di, inPath, outType, outPath): | |
| from apiclient.http import MediaFileUpload | |
| valid_output = [ | |
| 'text/html','text/plain','application/rtf','application/vnd.oasis.opendocument.text',\ | |
| 'application/pdf','application/vnd.openxmlformats-officedocument.wordprocessingml.document',\ | |
| 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/x-vnd.oasis.opendocument.spreadsheet',\ | |
| 'image/jpeg','image/png','image/svg+xml','application/vnd.openxmlformats-officedocument.presentationml.presentation' |