Skip to content

Instantly share code, notes, and snippets.

View digihash's full-sized avatar

Kevin Holvoet digihash

View GitHub Profile
@Neo23x0
Neo23x0 / yara-ops.py
Last active January 12, 2023 08:12
YARA Rule Hash Generator
import hashlib
import re
import plyara
# Florian Roth, Christian Burkard
# Version 3.0
# January 2023
#
# Known issues: fails in some cases in which 'private' rules are used
@roycewilliams
roycewilliams / badrabbit-info.txt
Last active June 17, 2022 11:18
badrabbit-info.txt
Rough summary of developing BadRabbit info
------------------------------------------
BadRabbit is locally-self-propagating ransomware (ransom: 0.05 BTC), spreading via SMB once inside.
Requires user interaction.
Mostly targeting Russia and Ukraine so far, with a few others (Germany, Turkey, Bulgaria, Montenegro ...)
Not globally self-propagating, but could be inflicted on selected targets on purpose.
May be part of same group targeting Ukraine generally (BACKSWING) (per FireEye)
Confirmed to use ETERNALROMANCE exploit, and same source code and build chain as NotPetya (per Talos)
Mitigations are similar to Petya/NotPetya resistance. An inoculation is also available (see below).
@clarketm
clarketm / google-dorks
Created January 30, 2017 10:01 — forked from stevenswafford/google-dorks
Listing of a number of useful Google dorks.
" _ _ "
" _ /|| . . ||\ _ "
" ( } \||D ' ' ' C||/ { % "
" | /\__,=_[_] ' . . ' [_]_=,__/\ |"
" |_\_ |----| |----| _/_|"
" | |/ | | | | \| |"
" | /_ | | | | _\ |"
It is all fun and games until someone gets hacked!
@stevenswafford
stevenswafford / google-dorks
Created June 6, 2015 05:57
Listing of a number of useful Google dorks.
" _ _ "
" _ /|| . . ||\ _ "
" ( } \||D ' ' ' C||/ { % "
" | /\__,=_[_] ' . . ' [_]_=,__/\ |"
" |_\_ |----| |----| _/_|"
" | |/ | | | | \| |"
" | /_ | | | | _\ |"
It is all fun and games until someone gets hacked!
@larrybolt
larrybolt / Captive Network Assistant
Created August 21, 2013 13:49
Telenet Hotspot/Homespot auto-login Should be placed at: `/System/Library/CoreServices/Captive Network Assistant.app/Contents/MacOS/Captive Network Assistant` overwriting the file
#!/usr/bin/php
<?php
$SSID=trim(`/System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Resources/airport -I | awk -F: '/ SSID:/ {print $2}' | sed -e 's/.*SSID: //'`);
if ( $SSID == 'TELENETHOTSPOT' )
{
if (`curl --cookie-jar /tmp/cookiejar \
--data "c=std&lang=nl&checkterms=1&userid=USERNAME&password=PASSWORD&remember=on&terms=on" \
--cookie "TNLANG=nl&TN_HS_COOKIE_DETECT=HELLO" \
--max-time 60 \
--user-agent "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:20.0) Gecko/20100101 Firefox/20.0" \
@floer32
floer32 / centos_python_env_setup
Last active May 2, 2022 03:47 — forked from stantonk/doit
CentOS 6: Install Python 2.7.4, pip, virtualenv, and virtualenvwrapper on CentOS (plus some bonus items at the end if you want). You should probably run with `sudo`.
#!/bin/bash
# Source: http://toomuchdata.com/2012/06/25/how-to-install-python-2-7-3-on-centos-6-2/
# Install stuff #
#################
# Install development tools and some misc. necessary packages
yum -y groupinstall "Development tools"
yum -y install zlib-devel # gen'l reqs
@pamelafox
pamelafox / countryinfo.py
Last active February 13, 2024 00:57
Python list of country codes, names, continents, capitals, and pytz timezones
countries = [
{'timezones': ['Europe/Andorra'], 'code': 'AD', 'continent': 'Europe', 'name': 'Andorra', 'capital': 'Andorra la Vella'},
{'timezones': ['Asia/Kabul'], 'code': 'AF', 'continent': 'Asia', 'name': 'Afghanistan', 'capital': 'Kabul'},
{'timezones': ['America/Antigua'], 'code': 'AG', 'continent': 'North America', 'name': 'Antigua and Barbuda', 'capital': "St. John's"},
{'timezones': ['Europe/Tirane'], 'code': 'AL', 'continent': 'Europe', 'name': 'Albania', 'capital': 'Tirana'},
{'timezones': ['Asia/Yerevan'], 'code': 'AM', 'continent': 'Asia', 'name': 'Armenia', 'capital': 'Yerevan'},
{'timezones': ['Africa/Luanda'], 'code': 'AO', 'continent': 'Africa', 'name': 'Angola', 'capital': 'Luanda'},
{'timezones': ['America/Argentina/Buenos_Aires', 'America/Argentina/Cordoba', 'America/Argentina/Jujuy', 'America/Argentina/Tucuman', 'America/Argentina/Catamarca', 'America/Argentina/La_Rioja', 'America/Argentina/San_Juan', 'America/Argentina/Mendoza', 'America/Argentina/Rio_Gallegos', 'America/Argentina/Ushuai
@bulljit
bulljit / removecompletedtorrents.sh
Created January 22, 2011 23:17
Transmission-Daemon: Remove Completed Torrents
#!/bin/sh
# script to check for complete torrents in transmission folder, then stop and move them
# either hard-code the MOVEDIR variable here…
MOVEDIR=/home/mjdescy/media # the folder to move completed downloads to
# …or set MOVEDIR using the first command-line argument
# MOVEDIR=%1
# use transmission-remote to get torrent list from transmission-remote list
# use sed to delete first / last line of output, and remove leading spaces
# use cut to get first field from each line