Skip to content

Instantly share code, notes, and snippets.

View galaris's full-sized avatar
🏠
Y29udGFjdEBkb21pbmlrYW50YWwubWU=

Dominik Antal galaris

🏠
Y29udGFjdEBkb21pbmlrYW50YWwubWU=
567 followers · 5.8k following
View GitHub Profile
@MikeN123
MikeN123 / cipherlist.txt
Created February 4, 2014 19:31
Default Cipher
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
* SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
SSL_DHE_DSS_WITH_DES_CBC_SHA
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
* SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
SSL_DHE_RSA_WITH_DES_CBC_SHA
SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
@MikeN123
MikeN123 / SSLInfo.java
Created February 4, 2014 19:28
import java.util.Iterator;
import java.util.Map;
import java.util.TreeMap;
import javax.net.ssl.SSLServerSocketFactory;
/*
* Source from Christopher Schultz
* @see http://markmail.org/message/zn4namfhypyxum23
*/
public class SSLInfo
@rwest
rwest / README
Created January 9, 2012 16:42 — forked from symposion/README
Convert OS X Keychain exported entries into logins for 1Password import
These two files should help you to import passwords from mac OS X keychains to 1password.
Assumptions:
1) You have some experience with scripting/are a power-user. These scripts worked for me
but they haven't been extensively tested and if they don't work, you're on your own!
Please read this whole document before starting this process. If any of it seems
incomprehensible/frightening/over your head please do not use these scripts. You will
probably do something Very Bad and I wouldn't want that.
2) You have ruby 1.9.2 installed on your machine. This comes as standard with Lion, previous
versions of OS X may have earlier versions of ruby, which *may* work, but then again, they
@DDuarte
DDuarte / structs_601_18179.h
Created June 13, 2015 14:03
By Shauren
class AccountObjectSetCheats
{
bool AutoBattle = false;
AccountobjectSetCheats Type;
int8 SlotLockCheat = 0;
};
class AccountObjectGetProfile
{
std::string Filename;
@sckalath
sckalath / windows_blind
Created July 14, 2014 21:08
Windows Blind Files
%SYSTEMDRIVE%\boot.ini
%WINDIR%\win.ini This is another file that can be counted on to be readable by all users of a system.
%SYSTEMROOT%\repair\SAM
%SYSTEMROOT%\System32\config\RegBack\SAM Stores user passwords in either an LM hash and/or an NTLM hash format. The SAM file in \repair is locked, but can be retrieved using forensic or Volume Shadow copy methods.
%SYSTEMROOT%\repair\system
%SYSTEMROOT%\System32\config\RegBack\system This is the SYSTEM registry hive. This file is needed to extract the user account password hashes from a Windows system. The SYSTEM file in \repair is locked, but can be retrieved using forensic or Volume Shadow copy methods.
%SYSTEMROOT%\repair\SAM
%SYSTEMROOT%\System32\config\RegBack\SAM These files store the LM and NTLM hashes for local users. Using Volume Shadow Copy or Ninja Copy you can retrieve these files.
%WINDIR%\repair\sam
%WINDIR%\repair\system
@Marko-M
Marko-M / magento2-performance-toolkit.sh
Last active March 28, 2023 17:27
Magento2 performance toolkit
#!/bin/bash
# Generate sample data and trigger Magento2 performance toolkit jMeter test plan.
HOST="magento2.loc"
BASE_PATH="/"
USERS=100
RAMP_PERIOD=300
LOOPS=1
ADMIN_USER="magento2"
ADMIN_PASSWORD="magento2"
anonymous
anonymous / gist:d0da355e5c21a122866808d37234cd5d
Created October 23, 2016 00:12
PowerShell malware [posted by @JohnLaTwC]
//sample: 1554e74b935a61d446cb634f80d7d1e200e864bc
//posted by @JohnLaTwC
// Also see research by Sudeep Singh, Yin Hong Chang @ https://www.fireeye.com/blog/threat-research/2016/05/targeted_attacksaga.html
----------------------------------------------- macro ----------------------------------
Private Sub Workbook_Open()
Call doom_Init
Call doom_ShowHideSheets
End Sub
@tothi
tothi / mitmproxy-jwt-refresh-addon.py
Created August 28, 2022 20:52
mitmproxy addon for handling oauth access and refresh tokens automatically
# run: mitmproxy -k -p 8090 -s mitmproxy-jwt-refresh-addon.py
# set burp upstream proxy to localhost:8090
#
# use case:
# - application authorization is implemented by OAuth 2.0
# - testing is performed using Burp as primary and mitmproxy as upstream proxy
# - mitmproxy takes care of the Authorization tokens using this addon
# - user gets an access_token and a refresh_token during the 1st login (e.g. password login)
# - mitmproxy addon caches access_token and refresh_token
# - mitmproxy addon adds Authorization: Bearer [access_token from cache] header for every request
@JorgeGT
JorgeGT / plotRTL1090.matlab
Last active October 18, 2023 07:56
3D visualization of air traffic through RTL-SDR and MATLAB
%% PlotRTL1090
% 3D visualization of air traffic through RTL-SDR (dump1090) and MATLAB
% Copyright (C) 2014 Jorge Garcia Tiscar
%
% This program is free software: you can redistribute it and/or modify
% it under the terms of the GNU General Public License as published by
% the Free Software Foundation; either version 3 of the License, or
% (at your option) any later version (see LICENSE).
%% Initialize
@mgeeky
mgeeky / Various-Macro-Based-RCEs.md
Last active January 14, 2024 16:43
Various Visual Basic Macros-based Remote Code Execution techniques to get your meterpreter invoked on the infected machine.

This is a note for myself describing various Visual Basic macros construction strategies that could be used for remote code execution via malicious Document vector. Nothing new or fancy here, just a list of techniques, tools and scripts collected in one place for a quick glimpse of an eye before setting a payload.

All of the below examples had been generated for using as a remote address: 192.168.56.101.

List:

  1. Page substiution macro for luring user to click Enable Content
  2. The Unicorn Powershell based payload