View fix_creationdate_googlephotos
#Find photos in "./GoogleDrive" folder with the format IMG_XXXYYZZ_KKLLMM.NNN.jpg and set their original taken date (if missing). This can be helpful if you want to import bulk photos to a photo manager (e.g. QNAP photostation)
#!/bin/bash
OIFS="$IFS"
IFS=$'\n'
for f in $(find ./GoogleDrive/* -name '*.jpg'); do
if [[ "$f" == *"__thumb"* ]]; then
true
else
if [[ "$f" == *"IMG_"* ]]; then
istais / MacroDetectSandbox.vbs
Created January 13, 2019 14:48 — forked from mgeeky/MacroDetectSandbox.vbs
Visual Basic script responsible for detecting Sandbox environments, as presented in modern Trojan Droppers implemented in Macros.
View MacroDetectSandbox.vbs
Private Declare PtrSafe Function isDbgPresent Lib "kernel32" Alias "IsDebuggerPresent" () As Boolean
Public Function IsFileNameNotAsHexes() As Boolean
Dim str As String
Dim hexes As Variant
Dim only_hexes As Boolean
only_hexes = True
hexes = Array("0", "1", "2", "3", "4", "5", "6", "7", _
"8", "9", "a", "b", "c", "d", "e", "f")
istais / vba-windows-persistence.vbs
Created January 13, 2019 14:34 — forked from mgeeky/vba-windows-persistence.vbs
VBA Script implementing two windows persistence methods - via WMI EventFilter object and via simple Registry Run.
View vba-windows-persistence.vbs
'
' SYNOPSIS:
' This macro implements two windows persistence methods:
' - WMI Event Filter object creation
' - simple HKCU Registry Run value insertion. It has to be HKCU to make it work under Win10 x64
'
' WMI Persistence method as originally presented by SEADADDY malware
' (https://github.com/pan-unit42/iocs/blob/master/seaduke/decompiled.py#L887)
' and further documented by Matt Graeber.
'
istais / bbnotes.MD
Created December 13, 2017 09:44 — forked from nethunteros/bbnotes.MD
Bash Bunny notes
View bbnotes.MD

Assumes we're using Linux/Kali

Bash Bunny is an awesome little device by Hak5 and I wrote down a few notes to quickly get started.

First Steps

* Plug in arming mode (closest to computer)
* Download firmware from: https://wiki.bashbunny.com/#!downloads.md
* Check checksum
* Follow instructions of placing into root of bashbunny drive/folder and eject/plug back in

View gist:fb06bd5d829e058f4484e2a544c987f3
### Keybase proof
I hereby claim:
* I am istais on github.
* I am istais (https://keybase.io/istais) on keybase.
* I have a public key whose fingerprint is 4A27 5959 7353 E6C1 27BD 6CF9 D8C0 5502 B6A5 71AD
To claim this, I am signing this object: