📃
Also in git.rlab.be/hackan

HacKan HacKanCuBa

@rjhansen
rjhansen / keyservers.md
Last active Sep 19, 2019
SKS Keyserver Network Under Attack
View keyservers.md

SKS Keyserver Network Under Attack

This work is released under a Creative Commons Attribution-NoDerivatives 4.0 International License.

Terminological Note

"OpenPGP" refers to the OpenPGP protocol, in much the same way that HTML refers to the protocol that specifies how to write a web page. "GnuPG", "SequoiaPGP", "OpenPGP.js", and others are implementations of the OpenPGP protocol in the same way that Mozilla Firefox, Google Chromium, and Microsoft Edge refer to software packages that process HTML data.

Who am I?

@wdormann
wdormann / checksvc.py
Last active Aug 8, 2019
Check for insecure services on Windows
View checksvc.py
import os
import subprocess
import ctypes
# See: https://blogs.msmvps.com/erikr/2007/09/26/set-permissions-on-a-specific-service-windows/
svcinfo = {}
nonadmin = ['AU', 'AN', 'BG', 'BU', 'DG', 'WD', 'IU', 'LG']
FNULL = open(os.devnull, 'w')
@EdOverflow
EdOverflow / github_bugbountyhunting.md
Last active Sep 20, 2019
My tips for finding security issues in GitHub projects.
View github_bugbountyhunting.md

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. In this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
@Neo23x0
Neo23x0 / nmap-cmdline
Last active Apr 23, 2019
Nmap Scan Params for CVE-2017-0143 MS17-010 Scanning
View nmap-cmdline
# Scan for CVE-2017-0143 MS17-010
# The vulnerability used by WannaCry Ransomware
#
# 1. Use @calderpwn's script
# http://seclists.org/nmap-dev/2017/q2/79
#
# 2. Save it to Nmap NSE script directory
# Linux - /usr/share/nmap/scripts/ or /usr/local/share/nmap/scripts/
# OSX - /opt/local/share/nmap/scripts/
#
View Wannacrypt0r-FACTSHEET.md

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 and $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up, the virus exits instead of infecting the host (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

View gist:07d8d4c833873be2f68c34f9afc5a78a

Cryptographic Best Practices

Putting cryptographic primitives together is a lot like putting a jigsaw puzzle together, where all the pieces are cut exactly the same way, but there is only one correct solution. Thankfully, there are some projects out there that are working hard to make sure developers are getting it right.

The following advice comes from years of research from leading security researchers, developers, and cryptographers. This Gist was forked from Thomas Ptacek's Gist to be more readable. Additions have been added from

@xinomilo
xinomilo / find-https-debian-archives.py
Last active Dec 20, 2017 — forked from eighthave/find-https-debian-archives.py
Script to find official Debian mirrors that support HTTPS
View find-https-debian-archives.py
#!/usr/bin/python
import urllib2
import re
import ssl
import sys
# # find generic mirrors
mirrors = urllib2.urlopen('https://www.debian.org/mirror/list')
https = []
@joepie91
joepie91 / vpn.md
Last active Sep 22, 2019
Don't use VPN services.
View vpn.md

Don't use VPN services.

No, seriously, don't. You're probably reading this because you've asked what VPN service to use, and this is the answer.

Note: The content in this post does not apply to using a VPN for its intended purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does.

A Russian translation of this article can be found here, contributed by Timur Demin. There's also this article about VPN services, which is honestly better written (and has more cat pictures!) than my article.

Why not?

@kodekracker
kodekracker / gunicorn.py
Created Sep 10, 2015
A config file of gunicorn(http://gunicorn.org/) contains fundamental configuration.
View gunicorn.py
# -*- coding: utf-8 -*-
# Gunicorn(v19.3) Configuration File
# Reference - http://docs.gunicorn.org/en/19.3/settings.html
#
# To run gunicorn by using this config, run gunicorn by passing
# config file path, ex:
#
# $ gunicorn --config=gunicorn.py MODULE_NAME:VARIABLE_NAME
#
@grugq
grugq / gist:03167bed45e774551155
Last active Sep 22, 2019
operational pgp - draft
View gist:03167bed45e774551155

Operational PGP

This is a guide on how to email securely.

There are many guides on how to install and use PGP to encrypt email. This is not one of them. This is a guide on secure communication using email with PGP encryption. If you are not familiar with PGP, please read another guide first. If you are comfortable using PGP to encrypt and decrypt emails, this guide will raise your security to the next level.
