Understand your Mac and iPhone more deeply by tracing the evolution of Mac OS X from prerelease to Swift. John Siracusa delivers the details.
You've got two main options:
Regex | Source
---|---
MSSE-[0-9a-f]{3}-server | Default Cobalt Strike Artifact Kit binaries
status_[0-9a-f]{2} | Default psexec_psh
postex_ssh_[0-9a-f]{4} | Default SSH beacon
msagent_[0-9a-f]{2} | Default SMB beacon
postex_[0-9a-f]{4} | Default Post Exploitation job (v4.2+)
mojo.5688.8052.183894939787088877[0-9a-f]{2} | jquery-c2.4.2.profile
mojo.5688.8052.35780273329370473[0-9a-f]{2} | jquery-c2.4.2.profile
wkssvc[0-9a-f]{2} | jquery-c2.4.2.profile
ntsvcs[0-9a-f]{2} | trick_ryuk.profile
import sys
import zipfile
import random
def get_zip_file_header_offset(zip_filename, target_filename):
    """
    Parse the file header offset for a target_filename.
    :param zip_filename: The name of the zip file to read.
    :param target_filename: The name of the file to find the header of.
The following content is generated using a preview release of Swimlane's pyattck.
This snippet of data is scoped to the following actor groups:
/*
WARNING:
the newest version of this rule is now hosted here:
https://github.com/Neo23x0/god-mode-rules/blob/master/godmode.yar
*/
/*
_____ __ __ ___ __
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import os
import sys
import uuid
from collections import deque
# Modify this as the number of rules per file
From: http://redteams.net/bookshelf/
Techie
Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp.
Social Engineering: The Art of Human Hacking by Christopher Hadnagy
Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam
The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others.
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor
The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors
function Get-InjectedThread
{
    <#
    .SYNOPSIS
    Looks for threads that were created as a result of code injection.
    .DESCRIPTION
bin,banka_kodu,banka_adi,type,sub_type,virtual,prepaid
413226,10,T.C. ZİRAAT BANKASI A.Ş.,VISA,PLATINUM
444676,10,T.C. ZİRAAT BANKASI A.Ş.,VISA,CLASSIC
444677,10,T.C. ZİRAAT BANKASI A.Ş.,VISA,GOLD
444678,10,T.C. ZİRAAT BANKASI A.Ş.,VISA,PLATINUM
453955,10,T.C. ZİRAAT BANKASI A.Ş.,VISA, CLASSIC
453956,10,T.C. ZİRAAT BANKASI A.Ş.,VISA, GOLD
454671,10,T.C. ZİRAAT BANKASI A.Ş.,VISA, CLASSIC
454672,10,T.C. ZİRAAT BANKASI A.Ş.,VISA, CLASSIC
454673,10,T.C. ZİRAAT BANKASI A.Ş.,VISA, BUSINESS
#!/bin/bash
# Attempts to install the web application vulnerability scanner w3af and its prerequisites.
# For more information about w3af, see: http://w3af.sourceforge.net/
# USAGE: pypi_install package_name version_number md5_checksum
# checksum is optional; package and version are required
function pypi_install() {
    name=$1
    version=$2