Skip to content

Instantly share code, notes, and snippets.

View Xarrow's full-sized avatar
:octocat:
>>> interesting

Helixcs Xarrow

:octocat:
>>> interesting
30 followers · 117 following
View GitHub Profile
@Xarrow
Xarrow / hex_md5.js
Last active August 2, 2023 23:43 — forked from alexmuller/hex_md5.js
/*
* A JavaScript implementation of the RSA Data Security, Inc. MD5 Message
* Digest Algorithm, as defined in RFC 1321.
* Version 2.2 Copyright (C) Paul Johnston 1999 - 2009
* Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
* Distributed under the BSD License
* See http://pajhome.org.uk/crypt/md5 for more info.
*/
/*
@Xarrow
Xarrow / login_zhihu.py
Created January 11, 2016 05:25
login_zhihu_by_requests
__author__ = 'ZhangJian'
import requests
import time
import sys
import os
import log
from bs4 import BeautifulSoup
from subprocess import Popen
@Xarrow
Xarrow / ad.html
Created January 24, 2017 02:56
江苏电信iframe劫持样本
<!--PC端-->
<html>
<head>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<style>
body {
margin: 0;
color: #000;
overflow: hidden;
padding: 0;
@Xarrow
Xarrow / tcp-reset.org
Created September 17, 2018 05:53 — forked from spinpx/tcp-reset.org
TCP Reset attack in practice #Security #Network

TCP Reset attack

RESET is a flag in TCP packets to indicate that the conection is not longer working. So, if any of the two participants in a TCP connection send a packet contains such a RESET flag, the connection will be closed immediately.

Thus it can be use to attack TCP connections once the attacker can forge TCP packets from any of the two parties if he or she know their IPs, ports and the sequence number of current TCP connection.

The attack can be used to make certain users to fail to use certain network services based on TCP if we know the information above.

In practice, we should eavesdrop the victims’ communications to get their IPs, ports and the sequence number. You can do it by:

@Xarrow
Xarrow / AAA
Created December 12, 2018 15:33
# -*- coding:utf-8 -*-
"""
Verion: 1.0
Since : 3.6
Author: zhangjian
Site: https://iliangqunru.bitcron.com/
File: csdaf
Time: 2018/12/12
@Xarrow
Xarrow / native-mem-tracking.md
Created January 29, 2019 04:05 — forked from prasanthj/native-mem-tracking.md
Native memory tracking in JVM

Enable native memory tracking in JVM by specifying the following flag

-XX:NativeMemoryTracking=detail

Know the <PID> of the java process

jps

To print ps based RSS

ps -p <PID> -o pcpu,rss,size,vsize

To print native memory tracking summary

@Xarrow
Xarrow / PsbEnum.java
Created March 25, 2019 03:18
公安标准民族映射
import java.util.Optional;
import java.util.stream.Stream;
public final class PsbEnum {
public static enum SexType {
MALE(1, "男"),
FEMALE(2, "女"),
UNKNOWN(9, "未说明");
private Integer type;
@Xarrow
Xarrow / async_flask.py
Created July 3, 2019 17:08 — forked from sergray/async_flask.py
Asynchronous requests in Flask with gevent
"""Asynchronous requests in Flask with gevent"""
from time import time
from flask import Flask, Response
from gevent.pywsgi import WSGIServer
from gevent import monkey
import requests
@Xarrow
Xarrow / ssid-sniffer-scapy-python.py
Created July 4, 2019 18:26 — forked from securitytube/ssid-sniffer-scapy-python.py
WLAN SSID Sniffer in Python using Scapy
#!/usr/bin/env python
from scapy.all import *
ap_list = []
def PacketHandler(pkt) :
if pkt.haslayer(Dot11) :
if pkt.type == 0 and pkt.subtype == 8 :
@Xarrow
Xarrow / nginx firebasestorage proxy
Created July 20, 2019 18:21
# 46789 http://127.0.0.1:46789/
server{
set $simplebox "simplebox";
listen 46789 fastopen=5;
server_name 127.0.0.1;
resolver 8.8.8.8;
#ssl_certificate /etc/nginx/sites-available/ssl/server.crt;
#ssl_certificate_key /etc/nginx/sites-available/ssl/server.key;
# ssl_certificate /etc/letsencrypt/live/helixcs.tk/fullchain.pem;
# ssl_certificate_key /etc/letsencrypt/live/helixcs.tk/privkey.pem;