@m1ru1 am1ru1

## ubuntu-configure-sendmail-with-gmail
#!/bin/bash

HOST=$(hostname)

function install_postfix() {
echo | sudo debconf-set-selections <<__EOF
postfix	postfix/root_address	string
postfix	postfix/rfc1035_violation	boolean	false
postfix	postfix/mydomain_warning	boolean
postfix	postfix/mynetworks	string	127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128

## gist:7752088
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: BCPG v1.47

mQGiBFGPW60RBADSRdukOufvUs90Cvp88m5jGK0P+qQsxcJtlA+yAp8wdtVW1AQw
gBXE6hbVCXSmvcrJbL0DTv+dHA80mJlKypWyHg4TI/gEZ8YSwpeW4KiEZUKMJYdi
4Y/o3/ReJGesAeOsVLCc4MxU/2sa3/2mWoG+Nz+Yv2LN+lmec5NeVaKpLQCgvWWz
f7Ga5SDrW2Pk6UEe0GoES+MD/RE0/sDCfHBkVPS8uBj9jTfpbi9YtIx687rN0RRl
CF32rPwK18+NePzaunBcuCP3IsLBsFadmqicdx5aWgsMpt3rPD/ImqGqmTFJXPQ4
fXRkwW6LUeNi76ok+oK93iXi2uZJY4uZzZOxIhD/4ntOMunqxt+CDRuW8+mUmfxT
/EcHA/9o4RjAYN/mtl5w0zWbC43zx0+Xz4VhGcuMcleSK+Qllv6Uzk/FnP3+SHge

## fox-srt-mwi.rules
# Signatures for detecting Microsoft Word Intruder
# https://www.fireeye.com/blog/threat-research/2015/04/a_new_word_document.html

alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"FOX-SRT - Trojan - Microsoft Word Intruder payload request"; content:"GET"; depth:3; flowbits:set,wmi; content:!"Referer|3a| "; content:!"Cookie|3a| "; uricontent:"&act=1"; fast_pattern: only; pcre:"/\/webstat\/image\.php\?id=[0-9]{8}/"; threshold: type limit, track by_src, count 1, seconds 3600; classtype:trojan-activity; reference:url,https://www.fireeye.com/blog/threat-research/2015/04/a_new_word_document.html; sid:21001609; rev:1;)

alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"FOX-SRT - Trojan - Microsoft Word Intruder payload response"; flowbits:isset,mwi; content:"Content-Type|3a| application/octet-stream"; content:"Content-Description|3a| File Transfer"; pcre:"/filename=[0-9]{8}\.exe/"; threshold: type limit, track by_src, count 1, seconds 3600; classtype:trojan-activity; reference:url,https://www.fir

## osx_infector.py
import os
import struct
import shutil
import subprocess


class macho_intel32_shellcode():
    """
    Mach-O Intel x32 shellcode class
    """

## slideshare-dl.py
import argparse
import urllib.request
import os
import img2pdf

from os import walk
from os.path import join
from bs4 import BeautifulSoup

work_dir = os.path.dirname(__file__)

## DeepCopyTest.ps1
# Get original data
$data = @{
	First = 'Justin';
	Last = 'Dearing';
	Resume = @{
		Experience = [HashTable[]]@(
			@{
				StartDate = [DateTime] (Get-Date '2002-03-23');
				EndDate = [DateTime] (Get-Date '2007-05-15');
				Company = 'ACME ISP';

## Credential.ps1
# credential file path
$CredentialPath = "$PSScriptRoot\credential.clixml"

# get and export credential
$credential = Get-Credential
$credential | Export-Clixml -LiteralPath $CredentialPath

# import credential
$credential = Import-Clixml -LiteralPath $CredentialPath
$credential

## install.sh

# =================== YOUR DATA ========================

SERVER_NAME="some-server-name"
SERVER_IP="111.111.11.11"

USER="someuser"
SUDO_PASSWORD="secret-password-one"
MYSQL_ROOT_PASSWORD="secret-password-two"

## Keybase.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                am1ru1
                / Keybase.md
            
            
              Created
              February 1, 2019 16:18
            
          
    Keybase proof

I hereby claim:

I am am1ru1 on github.
I am am1ru1 (https://keybase.io/am1ru1) on keybase.
I have a public key ASC8kZvfU36mpW7wtIIisFE0POLhq85lecaSnjBTrgGWOgo

To claim this, I am signing this object:

  
## dexMD5.py
#!/usr/bin/env python3
# tweak up from https://github.com/mgp25/classesMD5-64/blob/master/dexMD5.py
# build AXML library from https://github.com/mikusjelly/axmlparser
# add xml manifest parse for getting WhatsApp Version
# to use this $ python3 dexMD5.py apk/WhatsApp.apk
# Output :
# WhatsApp Version : 2.17.296
# WhatsApp ClassesDEX MD5 : b'YrJNPljM3TuNFPIOZ+jziw=='
#
# @MasBog
	#!/bin/bash

	HOST=$(hostname)

	function install_postfix() {
	echo \| sudo debconf-set-selections <<__EOF
	postfix postfix/root_address string
	postfix postfix/rfc1035_violation boolean false
	postfix postfix/mydomain_warning boolean
	postfix postfix/mynetworks string 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
	-----BEGIN PGP PUBLIC KEY BLOCK-----
	Version: BCPG v1.47

	mQGiBFGPW60RBADSRdukOufvUs90Cvp88m5jGK0P+qQsxcJtlA+yAp8wdtVW1AQw
	gBXE6hbVCXSmvcrJbL0DTv+dHA80mJlKypWyHg4TI/gEZ8YSwpeW4KiEZUKMJYdi
	4Y/o3/ReJGesAeOsVLCc4MxU/2sa3/2mWoG+Nz+Yv2LN+lmec5NeVaKpLQCgvWWz
	f7Ga5SDrW2Pk6UEe0GoES+MD/RE0/sDCfHBkVPS8uBj9jTfpbi9YtIx687rN0RRl
	CF32rPwK18+NePzaunBcuCP3IsLBsFadmqicdx5aWgsMpt3rPD/ImqGqmTFJXPQ4
	fXRkwW6LUeNi76ok+oK93iXi2uZJY4uZzZOxIhD/4ntOMunqxt+CDRuW8+mUmfxT
	/EcHA/9o4RjAYN/mtl5w0zWbC43zx0+Xz4VhGcuMcleSK+Qllv6Uzk/FnP3+SHge
	# Signatures for detecting Microsoft Word Intruder
	# https://www.fireeye.com/blog/threat-research/2015/04/a_new_word_document.html

	alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"FOX-SRT - Trojan - Microsoft Word Intruder payload request"; content:"GET"; depth:3; flowbits:set,wmi; content:!"Referer\|3a\| "; content:!"Cookie\|3a\| "; uricontent:"&act=1"; fast_pattern: only; pcre:"/\/webstat\/image\.php\?id=[0-9]{8}/"; threshold: type limit, track by_src, count 1, seconds 3600; classtype:trojan-activity; reference:url,https://www.fireeye.com/blog/threat-research/2015/04/a_new_word_document.html; sid:21001609; rev:1;)

	alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"FOX-SRT - Trojan - Microsoft Word Intruder payload response"; flowbits:isset,mwi; content:"Content-Type\|3a\| application/octet-stream"; content:"Content-Description\|3a\| File Transfer"; pcre:"/filename=[0-9]{8}\.exe/"; threshold: type limit, track by_src, count 1, seconds 3600; classtype:trojan-activity; reference:url,https://www.fir
	import os
	import struct
	import shutil
	import subprocess


	class macho_intel32_shellcode():
	"""
	Mach-O Intel x32 shellcode class
	"""
	import argparse
	import urllib.request
	import os
	import img2pdf

	from os import walk
	from os.path import join
	from bs4 import BeautifulSoup

	work_dir = os.path.dirname(__file__)
	# Get original data
	$data = @{
	First = 'Justin';
	Last = 'Dearing';
	Resume = @{
	Experience = [HashTable[]]@(
	@{
	StartDate = [DateTime] (Get-Date '2002-03-23');
	EndDate = [DateTime] (Get-Date '2007-05-15');
	Company = 'ACME ISP';
	# credential file path
	$CredentialPath = "$PSScriptRoot\credential.clixml"

	# get and export credential
	$credential = Get-Credential
	$credential \| Export-Clixml -LiteralPath $CredentialPath

	# import credential
	$credential = Import-Clixml -LiteralPath $CredentialPath
	$credential

	# =================== YOUR DATA ========================

	SERVER_NAME="some-server-name"
	SERVER_IP="111.111.11.11"

	USER="someuser"
	SUDO_PASSWORD="secret-password-one"
	MYSQL_ROOT_PASSWORD="secret-password-two"
	#!/usr/bin/env python3
	# tweak up from https://github.com/mgp25/classesMD5-64/blob/master/dexMD5.py
	# build AXML library from https://github.com/mikusjelly/axmlparser
	# add xml manifest parse for getting WhatsApp Version
	# to use this $ python3 dexMD5.py apk/WhatsApp.apk
	# Output :
	# WhatsApp Version : 2.17.296
	# WhatsApp ClassesDEX MD5 : b'YrJNPljM3TuNFPIOZ+jziw=='
	#
	# @MasBog