Sh1n0g1 Sh1n0g1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Bulk IP Address 2 Geolocation Using freegeoip.net | |
| #Input: IP Address List | |
| #Output: IP, Latitude, Longitude (CSV Format) | |
| import urllib, json | |
| #Paste your ipaddress list | |
| ips=""" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Reflection.Assembly]::LoadWithPartialName("System.Drawing") | |
| function screenshot([Drawing.Rectangle]$bounds, $path) { | |
| $bmp = New-Object Drawing.Bitmap $bounds.width, $bounds.height | |
| $graphics = [Drawing.Graphics]::FromImage($bmp) | |
| $graphics.CopyFromScreen($bounds.Location, [Drawing.Point]::Empty, $bounds.size) | |
| $bmp.Save($path) | |
| $graphics.Dispose() |
Sh1n0g1
/ pefile_peid.py
Created
January 25, 2017 11:32
Get the matching result of UserDB.txt(PEid) using pefile
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import peutils | |
| import pefile | |
| try: | |
| pe = pefile.PE(sys.argv[1]) | |
| signatures = peutils.SignatureDatabase('./sig/userdb.txt') | |
| matches = signatures.match_all(pe, ep_only = True) | |
| if type(matches) is list: | |
| for m in matches: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .EXAMPLE | |
| Test-RegistryName -Path "HKCU:\Software\Sysinternals\Strings" -Name "EulaAccepted" | |
| #> | |
| function Test-RegistryName { | |
| param ( | |
| [parameter(Mandatory=$true)][ValidateNotNullOrEmpty()]$Path, | |
| [parameter(Mandatory=$true)][ValidateNotNullOrEmpty()]$Name | |
| ) |
Sh1n0g1
/ Write-RegistryValue.ps1
Created
March 23, 2017 03:00
Write Registry Value (and Create key if needed)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .EXAMPLE | |
| Write-RegistryValue -Path "HKCU:\Software\Sysinternals\Strings" -Name "EulaAccepted | |
| #> | |
| function Write-RegistryValue{ | |
| param ( | |
| [parameter(Mandatory=$true)][ValidateNotNullOrEmpty()]$Path, | |
| [parameter(Mandatory=$true)][ValidateNotNullOrEmpty()]$Name, | |
| [parameter(Mandatory=$true)][ValidateNotNullOrEmpty()]$Value |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $MemDef =@" | |
| [DllImport("winmm.dll", CharSet = CharSet.Ansi)] | |
| public static extern int mciSendStringA( | |
| string lpstrCommand, | |
| string lpstrReturnString, | |
| int uReturnLength, | |
| IntPtr hwndCallback | |
| ); | |
| "@ |
Sh1n0g1
/ Play-Mario.ps1
Created
April 20, 2017 12:47
— forked from davewilson/Play-Mario.ps1
Super Mario Theme in PowerShell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Function Play-Mario { | |
| [System.Console]::Beep(659, 125); | |
| [System.Console]::Beep(659, 125); | |
| [System.Threading.Thread]::Sleep(125); | |
| [System.Console]::Beep(659, 125); | |
| [System.Threading.Thread]::Sleep(167); | |
| [System.Console]::Beep(523, 125); | |
| [System.Console]::Beep(659, 125); | |
| [System.Threading.Thread]::Sleep(125); | |
| [System.Console]::Beep(784, 125); |
Sh1n0g1
/ Play-Doremi.ps1
Last active
April 16, 2019 12:20
Note Scale for PowerShell [console]::beep
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $C=261.6 | |
| $Cs=277.2 | |
| $Db=$Cs | |
| $D=293 | |
| $Ds=311.1 | |
| $Eb=$Ds | |
| $E=329.6 | |
| $F=349.2 | |
| $Fs=370.0 | |
| $Gb=$Fs |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "__comment":"Thanks to WireShark + USBPcap!", | |
| "a":"00,00,04", | |
| "b":"00,00,05", | |
| "c":"00,00,06", | |
| "d":"00,00,07", | |
| "e":"00,00,08", | |
| "f":"00,00,09", | |
| "g":"00,00,0a", | |
| "h":"00,00,0b", |
Sh1n0g1
/ VTUploadCheck.sh
Created
June 27, 2017 00:33
Detect the malware upload on VT without API key
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| sha256="d868ef71f3489e9f9c0a17b9b3c704789aae7c362457cea5c8e1e17185437303" | |
| url="https://www.virustotal.com/en/file/$sha256/analysis/" | |
| while : | |
| do | |
| result=$(wget -qO- $url ); | |
| reslen=${#result} | |
| if [ "$reslen" -lt "1000" ] ; then | |
| echo "VirusTotal blocks us!"; | |
| break; |
OlderNewer