Skip to content

Instantly share code, notes, and snippets.

View Simpsonpt's full-sized avatar
🤠
{{1+1}}><%1+1%>{1+1}<%= 1+1 %>

Renato Rodrigues Simpsonpt

🤠
{{1+1}}><%1+1%>{1+1}<%= 1+1 %>
260 followers · 86 following
View GitHub Profile
@abarisani
abarisani / usb_fingerprinting.md
Last active May 5, 2022 11:47
Fingerprinting USB enumeration from different hosts

Introduction

The following information illustrates the differences between macOS, Windows and Linux in USB device enumeration sequence.

Specifically the comparison covers USB Mass Storage device enumeration, implemented with the TamaGo USB driver on a USB armory Mk II running armory-ums.

@saelo
saelo / 3_years_of_attacking_javascript_engines.txt
Created October 27, 2019 16:04
3 Years of Attacking JavaScript Engines
|=-----------------------------------------------------------------------=|
|=-------------=[ 3 Years of Attacking JavaScript Engines ]=-------------=|
|=-----------------------------------------------------------------------=|
|=------------------------------=[ saelo ]=------------------------------=|
|=-----------------------------------------------------------------------=|
The following are some brief notes about the changes that have taken place
since the release of the "Attacking JavaScript Engines" paper [1]. In
general, no big conceptional changes have happened since. Mitigations have
been added to break some of the presented techniques and, as expected, a
@mattifestation
mattifestation / rundll_exports.csv
Created October 18, 2019 13:48
All System32 DLL export functions that contain "RunDLL", an indicator that it's designed to run with rundll32.exe
Module Function
C:\Windows\System32\advpack.dll DelNodeRunDLL32W
C:\Windows\System32\advpack.dll DelNodeRunDLL32A
C:\Windows\System32\advpack.dll DelNodeRunDLL32
C:\Windows\System32\ConnectedAccountState.dll ActionCenterRunDllW
C:\Windows\System32\cryptcatsvc.dll CatDbOfflineRebuildDatabasesRundll32W
C:\Windows\System32\cscui.dll CSCOptions_RunDLLW
C:\Windows\System32\cscui.dll CSCOptions_RunDLLA
C:\Windows\System32\cscui.dll CSCOptions_RunDLL
C:\Windows\System32\devmgr.dll DeviceProblenWizard_RunDLLW
@ricardojba
ricardojba / 0xOPOSEC 0x70 Challenge
Last active May 29, 2022 11:29
-- challenge 1:
From the name of the challenge it was a dead giveway that there was a .git folder exposed.
Then just find out where the git repo is hosted:
curl http://0x70.apl3b.com/.git/config
And get the repo hosting service:
https://gitlab.com/DDuarte/twipy.git
Finally check all the commits and on this one at the bottom of the page you can read a flag:
@jthuraisamy
jthuraisamy / windows-toolkit.md
Last active April 12, 2022 20:00
Windows Toolkit

Windows Toolkit

Binary

Native Binaries

IDA Plugins Preferred Neutral Unreviewed
@dtmsecurity
dtmsecurity / sharpgen.cna
Created November 8, 2018 16:34
SharpGen Aggressor Beacon Wrapper
$dotnetpath = "/usr/local/share/dotnet/dotnet";
$sharpgenpath = "/Users/dtmsecurity/Tools/SharpGen/bin/Debug/netcoreapp2.1/SharpGen.dll";
$temppath = "/tmp/";
beacon_command_register("sharpgen", "Compile and execute C-Sharp","Synopsis: sharpgen [code]\n");
alias sharpgen{
$executionId = "sharpgen_" . int(rand() * 100000);
$temporaryCsharp = $temppath . $executionId . ".cs";
$executableFilename = $temppath . $executionId . ".exe";
@ricardojba
ricardojba / windows_hardening.cmd
Last active April 3, 2024 14:35
A Windows hardening script
::##########################################################################################################################
::
:: This script can ruin your day, if you run it without fully understanding what it does, you don't know what you are doing,
::
:: OR BOTH!!!
::
:: YOU HAVE BEEN WARNED!!!!!!!!!!
::
:: This script is provided "AS IS" with no warranties, and confers no rights.
:: Feel free to challenge me, disagree with me, or tell me I'm completely nuts in the comments section,
@gaearon
gaearon / prepack-gentle-intro-1.md
Last active February 13, 2024 14:30
A Gentle Introduction to Prepack, Part 1

Note:

When this guide is more complete, the plan is to move it into Prepack documentation.
For now I put it out as a gist to gather initial feedback.

A Gentle Introduction to Prepack (Part 1)

If you're building JavaScript apps, you might already be familiar with some tools that compile JavaScript code to equivalent JavaScript code:

  • Babel lets you use newer JavaScript language features, and outputs equivalent code that targets older JavaScript engines.
@jhaddix
jhaddix / cloud_metadata.txt
Last active April 25, 2024 11:19 — forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
@hasherezade
hasherezade / main.cpp
Last active January 7, 2018 16:27
FlareOn4 Chall6 - solution using #libpeconv
#include <stdio.h>
#include <windows.h>
#include "peconv.h"
const size_t g_flagLen = 26;
char g_flag[g_flagLen + 1] = { 0 };
int my_index()
{
static int index = 0;