Skip to content

Instantly share code, notes, and snippets.

Atavic

Block or report user

Report or block Atavic

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View ipfilter.dat
# Example of a "ipfilter.dat" file
#
# All entered IP ranges will be blocked in eMule for both Up- and Downloading
# Be extremely careful what you enter here. Wrong entries may totally block eMule from accessing the network
#
# Format:
# IP-Range , Access Level , Description
#
# Access Levels:
# 127 blocked
@Atavic
Atavic / SenderPolicyFramework.sh
Last active Oct 9, 2016
query domain SPF record
View SenderPolicyFramework.sh
domainsToDig=$(dig @8.8.8.8 _spf.google.com TXT +short | \
sed \
-e 's/"v=spf1//' \
-e 's/ ~all"//' \
-e 's/ include:/\n/g' | \
tail -n+2)
for domain in $domainsToDig ; do
dig @8.8.8.8 $domain TXT +short | \
sed \
-e 's/"v=spf1//' \
@Atavic
Atavic / Athena.txt
Last active Jun 4, 2017
Athena Hera beaconing systems target the Microsoft operating system from Windows XP to Windows 10
View Athena.txt
[WIKILEAKS] CIA Athena Hera systems provides remote beacon, loader capability on targets running the Microsoft operating system
from Windows XP to Windows 10.
REQUIREMENTS
• OpenSSL v1.1 or later (AES 256)
• Windows Crypto API (BCRIPT)
System designed to allow a base installation (Athena) and an extended installation (Hera).
Summary of Capabilities:
View stopbadware_top_ip.txt
IP Address ASN AS Name
50.117.113.222 18779 EGIHOSTING - EGIHosting
64.70.19.203 3561 SAVVIS - Savvis
141.8.226.58 40034 CONFLUENCE-NETWORK-INC - Confluence Netw
158.69.25.93 16276 OVH OVH
54.83.43.69 14618 AMAZON-AES - Amazon.com, Inc.
107.151.148.107 21859 C3 - C3 Networks Inc
172.217.6.97 15169 GOOGLE - Google Inc.
103.224.212.222 133618 TRELLIAN-AS-AP Trellian Pty. Limited,AU
107.151.148.109 21859 C3 - C3 Networks Inc
View stopbadware_top_asn.txt
ASN Name
18779 EGIHOSTING - EGIHosting
40034 CONFLUENCE-NETWORK-INC - Confluence Netw
26496 PAH-INC - GoDaddy.com, Inc.
3561 SAVVIS - Savvis
16509 AMAZON-02 - Amazon.com, Inc.
15626 ITLAS ITL Company
16276 OVH OVH
197695 AS-REGRU _Domain names registrar REG.RU_
14618 AMAZON-AES - Amazon.com, Inc.
View gist:ddc18b5cf15b2e9819280aee270100ab
briankrebs
violetblue
hdmoore
travisgoodspeed
troyhunt
attritionorg
tqbf
attrc
ErrataRob
edskoudis
@Atavic
Atavic / Yuliya.bat
Created Jan 26, 2018
run as admin: for Firefox prior to ver.57. Change “Program Files” to “Program Files (x86)” on Win x64
View Yuliya.bat
del /S /Q “C:\Program Files\Mozilla Firefox\browser\features\*” “C:\Program Files\Mozilla Firefox\gmp-clearkey\*” “C:\Program Files\Mozilla Firefox\crashreporter.exe” “C:\Program Files\Mozilla Firefox\firefox.VisualElementsManifest.xml” “C:\Program Files\Mozilla Firefox\maintenanceservice.exe” “C:\Program Files\Mozilla Firefox\maintenanceservice_installer.exe” “C:\Program Files\Mozilla Firefox\minidump-analyzer.exe” “C:\Program Files\Mozilla Firefox\pingsender.exe” “C:\Program Files\Mozilla Firefox\plugin-container.exe” “C:\Program Files\Mozilla Firefox\plugin-container.exe.sig” “C:\Program Files\Mozilla Firefox\plugin-hang-ui.exe”
View Differences from Tor Browser
/******************************************************************************
user_pref("dom.workers.enabled", false); // TOR: true
// PREF: Disable web notifications
user_pref("dom.webnotifications.enabled", false); // TOR: true
// PREF: When geolocation is enabled, use Mozilla geolocation service instead of Google
user_pref("geo.wifi.uri", "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%"); // TOR: ""
// PREF: When geolocation is enabled, don't log geolocation requests to the console
@Atavic
Atavic / What is detected.md
Last active Mar 8, 2018
luminous webextension to block code execution and event collection through JavaScript in your browser
View What is detected.md
You can’t perform that action at this time.