Skip to content

Instantly share code, notes, and snippets.

Avatar

James Hovious JamesHovious

View GitHub Profile
@JamesHovious
JamesHovious / hancitor_extractor.go
Last active Oct 5, 2021
Extract a Hancitor configuration using only the Go standard library
View hancitor_extractor.go
package hancitor
// References:
// https://hub.gke2.mybinder.org/user/oalabs-lab-notes-4vubrm7f/notebooks/Hancitor/hancitor.ipynb
// https://www.youtube.com/watch?v=OQuRwpUTBpQ
// https://www.binarydefense.com/analysis-of-hancitor-when-boring-begets-beacon/
// https://github.com/kevoreilly/CAPEv2/blob/master/modules/processing/parsers/mwcp/Hancitor.py
import (
"bytes"
@JamesHovious
JamesHovious / error_example_syntax.go
Created Sep 20, 2021
Go Error Syntax Variations
View error_example_syntax.go
if val, ok := data[“key”]; ok {
// the key/value in the map exists
}
if gz, err := zlib.NewReader(base64decoder); err != nil {
return err
}
if err := decoder.Decode(&t); err != nil {
return err
View prt_to_bytes.go
size := unsafe.Sizeof(ptr)
eip := make([]byte, size)
switch size {
case 4: binary.LittleEndian.PutUint32(eip, uint32(ptr))
case 8: binary.LittleEndian.PutUint64(eip, uint64(ptr))
default: panic(fmt.Sprintf(“unknown uintptr size: %v”, size))
}
View aws_parse.py
#/bin/python3
import urllib.request
import json
aws_url = "https://ip-ranges.amazonaws.com/ip-ranges.json"
aws_ips = []
with urllib.request.urlopen(aws_url) as response:
obj = json.loads(response.readall().decode('utf-8'))
for k, v in obj.items(): # type dictionary
if isinstance(v, list): # filtering on 'prefixes' which is type list
@JamesHovious
JamesHovious / Pentest-Tools-Install.sh
Last active Jun 14, 2021
Simple script to install the tools I most often use for pentesting.
View Pentest-Tools-Install.sh
#/bin/bash
# This script sets up two directories. One in ~/tools/ which contains tools that I often use on pentests.
# The other directory is in /var/www/html/ that contains tools/scripts that I often pull down from
# and run on victim machines.
toollist=(
'https://github.com/ilneill/Py-CiscoT7.git'
'https://github.com/rsmudge/cortana-scripts.git'
'https://github.com/CoreSecurity/impacket.git'
View Brython Rest API.py
<table class="table table-striped table-bordered">
<thead>
<tr>
<th>First Name</th>
<th>Last Name</th>
<th>Date</th>
</tr>
</thead>
<tbody>
<tr>
View settings.py
# Running in development, so use a local MySQL database.
DATABASES = {
'default': {
'ENGINE': 'google.appengine.ext.django.backends.rdbms',
'INSTANCE': 'gaeapp-001:blog',
'NAME': 'mysql',
'USER': 'root',
},
'app-backend': {
'ENGINE': 'google.appengine.ext.django.backends.rdbms',
View django_api_code.py
import json
from django.http import HttpResponse
from project.libs.pybcrypt import bcrypt
class ClassName:
def test(self):
json_response = json.dumps({"success": 1, "errors": 0, "msg": "test_successfully_sent"})
return HttpResponse(json_response, mimetype="application/json")
def register(self, c, json_data):
View django_api_view.py
"""
Here is the JSON structure the api is expecting
{
"tag":"test", // or whatever the tag should be
"data":
{"
first_name":"firstname",
"last_name":"lastname",
"email":"email@email.com",
View Brython Ajax.py
from browser import document, ajax
#Ajax arguments
qs = ''
url = 'http://headers.jsontest.com/'
def post_data(url, qs):
req = ajax.ajax()
# Bind the complete State to the on_post_complete function
req.bind('complete',on_post_complete)
# send a POST request to the url