Cyber Marmot georgethemarmot

## save-chrome-bookmarks.js
let bookmarkList = Array.from(document.querySelectorAll('.widget>.vbox'))
  .map(e => e.shadowRoot)
  .map(e => e && e.querySelector('.device-page-list'))
  .find(e => e);

let bookmarks = Array.from(bookmarkList.querySelectorAll('.vbox'))
  .map(e => `<a href="${e.querySelector('x-link').innerHTML}">${e.querySelector('.device-page-title').innerHTML}</a>`);

copy('<html><body>' + bookmarks.join('\n') + '</body></html>');

## 01-reversing-cisco-ios-raw-binary-firmware-images-with-ghidra.md

      
              7 files
            
          
              26 forks
            
          
              2 comments
            
          
              107 stars
            
          
                nstarke
                / 01-reversing-cisco-ios-raw-binary-firmware-images-with-ghidra.md
            
            
              Last active
              June 5, 2024 19:01
            
              
                Reversing Cisco IOS Raw Binary Firmware Images with Ghidra
              
          
    Reversing Raw Binary Firmware Files in Ghidra

This brief tutorial will show you how to go about analyzing a raw binary firmware image in Ghidra.
Prep work in Binwalk

I was recently interested in reversing some older Cisco IOS images.  Those images come in the form of a single binary blob, without any sort of ELF, Mach-o, or PE header to describe the binary.
While I am using Cisco IOS Images in this example, the same process should apply to other Raw Binary Firmware Images.

  
## Invoke-WebRequest_Ignore_SSL.ps1
add-type @"
    using System.Net;
    using System.Security.Cryptography.X509Certificates;
    public class TrustAllCertsPolicy : ICertificatePolicy {
        public bool CheckValidationResult(
            ServicePoint srvPoint, X509Certificate certificate,
            WebRequest request, int certificateProblem) {
            return true;
        }
    }

## country_date_formats.csv

          
            ISO 3166 Country Code
            ISO639-2 Country Code
            Country
            ISO 3166 Country Code
            ISO639-2 Lang
            Language
            Date Format

            
              ALB
              AL
              Albania
              sqi
              sq
              Albanian
              yyyy-MM-dd

            
              ARE
              AE
              United Arab Emirates
              ara
              ar
              Arabic
              dd/MM/yyyy

            
              ARG
              AR
              Argentina
              spa
              es
              Spanish
              dd/MM/yyyy

            
              AUS
              AU
              Australia
              eng
              en
              English
              d/MM/yyyy

            
              AUT
              AT
              Austria
              deu
              de
              German
              dd.MM.yyyy

            
              BEL
              BE
              Belgium
              fra
              fr
              French
              d/MM/yyyy

            
              BEL
              BE
              Belgium
              nld
              nl
              Dutch
              d/MM/yyyy

            
              BGR
              BG
              Bulgaria
              bul
              bg
              Bulgarian
              yyyy-M-d

            
              BHR
              BH
              Bahrain
              ara
              ar
              Arabic
              dd/MM/yyyy

## xml-attacks.md

      
              1 file
            
          
              30 forks
            
          
              5 comments
            
          
              114 stars
            
          
                mgeeky
                / xml-attacks.md
            
            
              Last active
              April 13, 2024 15:52
            
              
                XML Vulnerabilities and Attacks cheatsheet
              
          
    XML Vulnerabilities

XML processing modules may be not secure against maliciously constructed data. An attacker could abuse XML features to carry out denial of service attacks, access logical files, generate network connections to other machines, or circumvent firewalls.
The penetration tester running XML tests against application will have to determine which XML parser is in use, and then to what kinds of below listed attacks that parser will be vulnerable.


## windows_hardening.cmd
:: Windows 10 Hardening Script
:: This is based mostly on my own personal research and testing. My objective is to secure/harden Windows 10 as much as possible while not impacting usability at all. (Think being able to run on this computer's of family members so secure them but not increase the chances of them having to call you to troubleshoot something related to it later on). References for virtually all settings can be found at the bottom. Just before the references section, you will always find several security settings commented out as they could lead to compatibility issues in common consumer setups but they're worth considering.
:: Obligatory 'views are my own'. :)
:: Thank you @jaredhaight for the Win Firewall config recommendations!
:: Thank you @ricardojba for the DLL Safe Order Search reg key!
:: Thank you @jessicaknotts for the help on testing Exploit Guard configs and checking privacy settings!
:: Best script I've found for Debloating Windows 10: https://github.com/Sycnex/Windows10Debloater
:

## change-last-logged-on-user-windows-10.md

      
              1 file
            
          
              2 forks
            
          
              5 comments
            
          
              27 stars
            
          
                dbirks
                / change-last-logged-on-user-windows-10.md
            
            
              Last active
              June 3, 2024 02:07
            
              
                Change last logged on user on Windows 10
              
          
    In Windows 10 you can no longer change the last logged on user in the registry like you could in Windows 7. Windows 10 requires the user's SID to be entered as well. Here's an updated guide.
In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI, you'll want to change 4 entries:

LastLoggedOnDisplayName

Enter the user's full name, like Allan Jude


LastLoggedOnSAMUser

Enter the username, like SHORTDOMAIN\allan.jude


LastLoggedOnUser
Enter the username again, like SHORTDOMAIN\allan.jude


## Kali 2017.1 x64, Docker-ce Install script
#!/bin/bash

# update apt-get
export DEBIAN_FRONTEND="noninteractive"
sudo apt-get update

# remove previously installed Docker
sudo apt-get remove docker docker-engine docker.io* lxc-docker*

# install dependencies 4 cert

## silence.sh
#
# Needless to say, I (Volkan Ozcelik) take no responsibility, whatsoever,
# about what will happen to your NAS when you try these.
# When did it to mine, I observed *ENORMOUS* performance gain and a zen-like silence.
#
#     +----------------------------------------------------------+
#     |  WHAT YOU ARE GOING TO DO CAN LIKELY VOID YOUR WARRANTY  |
#     |                  SO PROCEED WITH CAUTION                 |
#     +----------------------------------------------------------+
#

## mac-vendor.txt
000000	Officially Xerox
000001	SuperLAN-2U
000002	BBN (was internal usage only, no longer used)
000003	XEROX CORPORATION
000004	XEROX CORPORATION
000005	XEROX CORPORATION
000006	XEROX CORPORATION
000007	XEROX CORPORATION
000008	XEROX CORPORATION
000009	powerpipes?
	let bookmarkList = Array.from(document.querySelectorAll('.widget>.vbox'))
	.map(e => e.shadowRoot)
	.map(e => e && e.querySelector('.device-page-list'))
	.find(e => e);

	let bookmarks = Array.from(bookmarkList.querySelectorAll('.vbox'))
	.map(e => `<a href="${e.querySelector('x-link').innerHTML}">${e.querySelector('.device-page-title').innerHTML}</a>`);

	copy('<html><body>' + bookmarks.join('\n') + '</body></html>');
	add-type @"
	using System.Net;
	using System.Security.Cryptography.X509Certificates;
	public class TrustAllCertsPolicy : ICertificatePolicy {
	public bool CheckValidationResult(
	ServicePoint srvPoint, X509Certificate certificate,
	WebRequest request, int certificateProblem) {
	return true;
	}
	}
ISO 3166 Country Code	ISO639-2 Country Code	Country	ISO 3166 Country Code	ISO639-2 Lang	Language	Date Format
ALB	AL	Albania	sqi	sq	Albanian	yyyy-MM-dd
ARE	AE	United Arab Emirates	ara	ar	Arabic	dd/MM/yyyy
ARG	AR	Argentina	spa	es	Spanish	dd/MM/yyyy
AUS	AU	Australia	eng	en	English	d/MM/yyyy
AUT	AT	Austria	deu	de	German	dd.MM.yyyy
BEL	BE	Belgium	fra	fr	French	d/MM/yyyy
BEL	BE	Belgium	nld	nl	Dutch	d/MM/yyyy
BGR	BG	Bulgaria	bul	bg	Bulgarian	yyyy-M-d
BHR	BH	Bahrain	ara	ar	Arabic	dd/MM/yyyy
	:: Windows 10 Hardening Script
	:: This is based mostly on my own personal research and testing. My objective is to secure/harden Windows 10 as much as possible while not impacting usability at all. (Think being able to run on this computer's of family members so secure them but not increase the chances of them having to call you to troubleshoot something related to it later on). References for virtually all settings can be found at the bottom. Just before the references section, you will always find several security settings commented out as they could lead to compatibility issues in common consumer setups but they're worth considering.
	:: Obligatory 'views are my own'. :)
	:: Thank you @jaredhaight for the Win Firewall config recommendations!
	:: Thank you @ricardojba for the DLL Safe Order Search reg key!
	:: Thank you @jessicaknotts for the help on testing Exploit Guard configs and checking privacy settings!
	:: Best script I've found for Debloating Windows 10: https://github.com/Sycnex/Windows10Debloater
	:
	#!/bin/bash

	# update apt-get
	export DEBIAN_FRONTEND="noninteractive"
	sudo apt-get update

	# remove previously installed Docker
	sudo apt-get remove docker docker-engine docker.io* lxc-docker*

	# install dependencies 4 cert
	#
	# Needless to say, I (Volkan Ozcelik) take no responsibility, whatsoever,
	# about what will happen to your NAS when you try these.
	# When did it to mine, I observed ENORMOUS performance gain and a zen-like silence.
	#
	# +----------------------------------------------------------+
	# \| WHAT YOU ARE GOING TO DO CAN LIKELY VOID YOUR WARRANTY \|
	# \| SO PROCEED WITH CAUTION \|
	# +----------------------------------------------------------+
	#
	000000 Officially Xerox
	000001 SuperLAN-2U
	000002 BBN (was internal usage only, no longer used)
	000003 XEROX CORPORATION
	000004 XEROX CORPORATION
	000005 XEROX CORPORATION
	000006 XEROX CORPORATION
	000007 XEROX CORPORATION
	000008 XEROX CORPORATION
	000009 powerpipes?