Skip to content

Instantly share code, notes, and snippets.

View Guillrmo's full-sized avatar
👋
Hi there!

Guillermo Guillrmo

👋
Hi there!
View GitHub Profile
@epixoip
epixoip / 8x290X
Last active August 21, 2017 10:52
World's First 8x R9 290X oclHashcat Benchmark
System: Sagitta Brutalis (S2480-RAD-290X) with 8x 290X
https://sagitta.systems/hardware/gpu-compute-nodes/brutalis/
epixoip@token:~/oclHashcat-1.00$ od6config --list
Adapter 0: AMD Radeon R9 290 Series
Adapter 1: AMD Radeon R9 290 Series
Adapter 2: AMD Radeon R9 290 Series
Adapter 3: AMD Radeon R9 290 Series
@mbijon
mbijon / iframe.html
Created August 4, 2013 19:42
Tor fingerprinting code-injection (allegedly by FBI) --from: http://www.twitlonger.com/show/n_1rlo0uu
//nl7qbezu7pqsuone.onion/?requestID=203f1a01-6bc7-4c8b-b0be-2726a7a3cbd0 iframe:
<html>
<body>
<iframe frameborder=0 border=0 height=1 width=1 id="iframe"> </iframe>
</body>
</html>
<script>
@holms
holms / install-metasploit-debian.md
Last active October 10, 2020 14:13
metasploit install in debian wheezy

Debian Wheezy Metasploit Setup

Install depedencies

apt-get install build-essential libreadline-dev libssl-dev libpq5 libpq-dev libreadline5 libsqlite3-dev libpcap-dev openjdk-7-jre subversion git-core autoconf postgresql pgadmin3 curl zlib1g-dev libxml2-dev libxslt1-dev vncviewer libyaml-dev ruby1.9.3 nmap -y
gem install --verbose --debug pcaprub wirble pg sqlite3 msgpack activerecord redcarpet rspec simplecov yard bundler
@kmcquade
kmcquade / iam-role-enumeration.md
Last active February 23, 2021 16:48

This only works when you have the victim account ID. For this example, let's say that the victim account ID is 999988887777.

Create a test role

First, create a role that we can use for this demo. This role is in your own account.

aws iam create-role --role-name test-enumeration \
    --assume-role-policy-document '{"Version": "2012-10-17","Statement": [{"Effect": "Allow","Principal": {"Service": "ec2.amazonaws.com"},"Action": "sts:AssumeRole"}]}'
@vulnersCom
vulnersCom / Petya_ransomware.md
Last active July 6, 2023 19:30

#petya #petrWrap #notPetya

Win32/Diskcoder.Petya.C

Ransomware attack.

About

This gist was built by the community of the researchers and was scribed by Kir and Igor from the QIWI/Vulners. We are grateful for the help of all those who sent us the data, links and information. Together we can make this world a better place!

Gist updates

@carnal0wnage
carnal0wnage / gcp_enum.sh
Last active January 24, 2024 18:06
use the gcloud utilities to enumerate as much access as possible from a GCP service account json file. see blog post: <to insert>
# gcloud auth activate-service-account --key-file=85.json
# gcloud projects list
project="my-project"
space=""
echo "gcloud auth list"
gcloud auth list
echo -e "$space"
@carnal0wnage
carnal0wnage / gist:606c41ac6ec40bf5c69d4db96d9312e3
Created April 28, 2017 16:07
Red Team Books
From: http://redteams.net/bookshelf/
Techie
Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp.
Social Engineering: The Art of Human Hacking by Christopher Hadnagy
Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam
The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others.
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor
The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors
@rain-1
rain-1 / Wannacrypt0r-FACTSHEET.md
Last active March 10, 2024 11:03 — forked from Epivalent/Wannacrypt0r-FACTSHEET.md

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

@atcuno
atcuno / gist:3425484ac5cce5298932
Last active March 25, 2024 13:55
HowTo: Privacy & Security Conscious Browsing

The purpose of this document is to make recommendations on how to browse in a privacy and security conscious manner. This information is compiled from a number of sources, which are referenced throughout the document, as well as my own experiences with the described technologies.

I welcome contributions and comments on the information contained. Please see the How to Contribute section for information on contributing your own knowledge.

Table of Contents

@miguelgrinberg
miguelgrinberg / rest-server.py
Last active March 29, 2024 09:05
The code from my article on building RESTful web services with Python and the Flask microframework. See the article here: http://blog.miguelgrinberg.com/post/designing-a-restful-api-with-python-and-flask
#!flask/bin/python
from flask import Flask, jsonify, abort, request, make_response, url_for
from flask_httpauth import HTTPBasicAuth
app = Flask(__name__, static_url_path = "")
auth = HTTPBasicAuth()
@auth.get_password
def get_password(username):
if username == 'miguel':