evandrix
@andrea-mucci
andrea-mucci / timeseries.py
Last active Oct 9, 2021
create a timeseries for a reservation calendar
import pandas as pd
from datetime import datetime
def get_availabilities(start, end, freq, weekmask=None, bhours=None, bstop=None, holidays=None):
"""
:param start: datetime
:param end: datetime
:param freq: int
@10maurycy10
10maurycy10 / sbox.rs
Last active Sep 21, 2021
a simple Rust snippet to compute an AES/Rijndael Sbox.
// Substitution box: a lookup table that turns the SubBytes step into a single indexed read
pub type Sbox = [u8; 256];
// rotate an 8-bit value left by `shift` bits (used by the affine step of the S-box construction)
fn rot_l8(x: u8, shift: isize) -> u8 {
    // check that input is in bounds
    assert!(shift < 8);
    assert!(shift > -8);
    // actually do it; the raw form ((x << s) | (x >> (8 - s))) overflows in debug builds
    // for s == 0 or a negative s, so use the built-in rotation and map negatives onto 0..8
    x.rotate_left(shift.rem_euclid(8) as u32)
}
@jfmaes
jfmaes / ssl-scraper.py
Last active Sep 10, 2021
extract hostnames based on SSL certificates
#!/usr/bin/python
import requests
from socket import *
from requests.packages.urllib3.contrib import pyopenssl as reqs
from requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
import argparse
import ipaddress
#import asyncio
@ramimac
ramimac / Cloud Security Orienteering Checklist.md
Last active Oct 7, 2021
A Checklist of Cloud Security Orienteering

Cloud Security Orienteering: Checklist
by Rami McCarthy
via TL;DR sec

How to orienteer in a cloud environment, dig in to identify the risks that matter, and put together actionable plans that address short, medium, and long term goals.

Based on the Cloud Security Orienteering methodology.

Checklist

IcedID_07_26_2021.txt
IcedID Dropper:
IcedID Dropper Analysis:
IcedID Dropper URL:
IcedID Loader Analysis: https://tria.ge/210726-trdt8nd4te
IcedID Staging Server: feedbackfileweb.club
IcedID Loader Project ID: 1394912167
IcedID Core Analysis: https://tria.ge/210726-a4jls9zgbs
IcedID Core C2s: gsterangsic.buzz oscanonamik.club riderskop.top iserunifish.club
@gladiatx0r
gladiatx0r / Workstation-Takeover.md
Last active Oct 17, 2021
From RPC to RCE - Workstation Takeover via RBCD and MS-RPChoose-Your-Own-Adventure

Overview

In the default configuration of Active Directory, it is possible to remotely take over workstations (Windows 7/10/11) and possibly servers (if Desktop Experience is installed) when their WebClient service is running. In short, this is accomplished by:

  • Triggering machine authentication over HTTP via either MS-RPRN or MS-EFSRPC (as demonstrated by @tifkin_). This requires a set of credentials for the RPC call.
  • Relaying that machine authentication to LDAPS for configuring RBCD
  • RBCD takeover

The caveat to this is that the WebClient service does not automatically start at boot. However, if the WebClient service has been triggered to start on a workstation (for example, via some SharePoint interactions), you can remotely take over that system. In addition, there are several ways to coerce the WebClient service to start remotely which I cover in a section below.

DhashIcon.py
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# Thomas Roccia | IconDhash.py
# pip3 install lief
# pip3 install pillow
# resource: https://www.hackerfactor.com/blog/?/archives/529-Kind-of-Like-That.html
import lief
import os
import argparse
@hazcod
hazcod / CVE-2021-36934.bat
Created Jul 22, 2021
CVE-2021-36934 manual mitigation in commandprompt.
@echo off
rem Banner (a stray ">" after echo would redirect the text into a file instead of printing it)
echo CVE-2021-36934 fixer
echo See https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36934
rem Existing shadow copies still expose the over-permissive hive files, so remove them
echo Deleting current shadow copies...
vssadmin delete shadows /all /quiet
rem Restore ACL inheritance on the SAM/SYSTEM/SECURITY hive files (the MSRC workaround)
echo Fixing privilege issue...
icacls %windir%\system32\config\*.* /inheritance:e
echo Creating brand new shadow copy...
@boompig
boompig / send_more_money.py
Created Jul 20, 2021
3 solver implementations for send+more=money problem
from typing import Optional, Tuple, Set, List, Dict
import copy
import time
from argparse import ArgumentParser
import random
import json
import numpy as np
import os
import uuid
from types import SimpleNamespace
@aaaddress1
aaaddress1 / veh_AmsiBypass.cpp
Created Jul 20, 2021
(VEH) AMSI Bypass without Memory Patch
// Exception-Based AMSI Bypass
// by aaaddress1@chroot.org
#include <amsi.h>
#include <iostream>
#include <Windows.h>
#pragma comment(lib, "amsi.lib")
#pragma comment(lib, "ole32.lib")
#pragma warning( disable : 4996 )
#define AMSIPROJECTNAME L"scanner"