Skip to content

Instantly share code, notes, and snippets.

Andrew Shumate ashumate

Block or report user

Report or block ashumate

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
set -e
CONTENTS=$(tesseract -c language_model_penalty_non_dict_word=0.8 --tessdata-dir /usr/local/share/tessdata/ "$1" stdout -l eng | xml esc)
hex=$((cat <<EOF
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "">
<plist version="1.0">
Rurik /
Last active Dec 29, 2019
Quick tool to find and extract filters from Procmon configuration files
# Procmon Rule Parser v0.02
# Brian Baskin - @bbaskin
# Reads default rules from an exported Procmon Configuration (.PMC) or Procmon Filter (.PMF) file
# Example output:
12:09:59-bbaskin@~/Development/Noriben$ python -f ProcmonConfiguration.pmc
[Exclude] Process Name is Procmon64.exe
[Exclude] Operation is QueryStandardInformationFile
[Exclude] Operation is RegOpenKey
[Exclude] Operation is NotifyChangeDirectory

Got Retweets?

Even though Twitter's statuses/retweets API endpoint is limited to the last 100 retweets it is possible to use the search/tweets endpoint to search for the retweets using the text of the tweet. Caveat: This is only possible for tweets that have happened in the last 7 days, which is furthest back Twitter allow you to search for tweets in.

For example here is how you can get the retweets for this tweet and analyze the users in a spreadsheet.

mubix /
Last active Jun 4, 2020
How to start in Infosec
tomekr / pocorgtfo_index.tsv
Last active Aug 19, 2016
An index of International Journal of Proof-of-Concept or Get The Fuck Out
View pocorgtfo_index.tsv
Issue Title Alternate Title Author
0x00 2 iPod Antiforensics Travis Goodspeed
0x00 3 ELFs are dorky, Elves are cool Sergey Bratus, Julian Bangert
0x00 4 The Pastor Manul Laphroaig's First Epistle to Hacker Preachers of All Hats, in the sincerest hope that we might shut up about hats, and get back to hacking. Manul Laphroaig
0x00 5 Returning from ELF to Libc Rebecca "Bx" Shapiro
0x00 6 GTFO or #FAIL FX of Phenoelit
0x01 2 Four Lines of Javascript that Can’t Possibly Work So why do they? Dan Kaminsky
0x01 3 Weird Machines from Serena Butler’s TV Typewriter Travis Goodspeed
0x01 4 Making a Multi-Windows PE Ange Albertini
0x01 5 This ZIP is also a PDF Julia Wolf
mattifestation / DFSPoC.ps1
Created Dec 2, 2015
Perform unauthenticated WMI queries on a Dell Foundation Services server
View DFSPoC.ps1
function Get-DellFoundationServicesWmiObject {
Performs a WMI query on a Dell Foundation Services server.
Author: Matthew Graeber (@mattifestation)
License: BSD 3-Clause
joepie91 /
Last active Jun 7, 2020
Don't use VPN services.

Don't use VPN services.

No, seriously, don't. You're probably reading this because you've asked what VPN service to use, and this is the answer.

Note: The content in this post does not apply to using VPN for their intended purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does.

  • A Russian translation of this article can be found here, contributed by Timur Demin.
  • A Turkish translation can be found here, contributed by agyild.
  • There's also this article about VPN services, which is honestly better written (and has more cat pictures!) than my article.
miek / GSG case
Last active Apr 23, 2019
Unofficial case for YARD Stick One and Ubertooth One from Great Scott Gadgets -
View free security

Simple Security Guidelines

Using an iDevice? (Best option)

  • Use an iPod or an iPad without a SIM card
  • Use an iPhone
  • Do not jailbreak
  • Always upgrade to new iOS versions
  • Use Brave browser

Need Secure chat?

kennwhite /
Last active May 29, 2020
Most VPN Services are Terrible

Most VPN Services are Terrible

Short version: I strongly do not recommend using any of these providers. You are, of course, free to use whatever you like. My TL;DR advice: Roll your own and use Algo or Streisand. For messaging & voice, use Signal. For increased anonymity, use Tor for desktop (though recognize that doing so may actually put you at greater risk), and Onion Browser for mobile.

This mini-rant came on the heels of an interesting twitter discussion:

You can’t perform that action at this time.