Skip to content

Instantly share code, notes, and snippets.

View arch_enable_bbr.sh
#!/bin/bash
#
# A script to enable TCP BBR on a Linux system.
#
# @author Dumitru Uzun (DUzun.Me)
# @version 1.0.0
# @distro ArchLinux/Manjaro
#
old_cc=`sysctl net.ipv4.tcp_congestion_control | awk -F= '{print $2}' | sed -e s/\^\\s//`
@marcan
marcan / smbloris.c
Last active Dec 12, 2020
SMBLoris attack proof of concept
View smbloris.c
/* SMBLoris attack proof-of-concept
*
* Copyright 2017 Hector Martin "marcan" <marcan@marcan.st>
*
* Licensed under the terms of the 2-clause BSD license.
*
* This is a proof of concept of a publicly disclosed vulnerability.
* Please do not go around randomly DoSing people with it.
*
* Tips: do not use your local IP as source, or if you do, use iptables to block
View Wannacrypt0r-FACTSHEET.md

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

View gist:7ee6ecdb716f8bb69c8555b437abef08
from dateutil import tz
tzone = tz.gettz('Europe/Paris')
utc = tz.gettz('UTC')
# Make datetime object timezone aware
datetime_local = datetime_local.replace(tzinfo=tzone)
# Do the timezone change
date_utc = datetime_local.astimezone(utc)
View amiiscript.sh
#!/bin/bash
#requirements:
#sha1sum (part of coreutils)
#xxd (part of vim)
#https://github.com/socram8888/ulread
#https://github.com/socram8888/amiitool
#put ulread, ulwrite and amiitool in the same directory as this script
if [ $# -ne 2 ]
@exp0se
exp0se / logparser.ps1
Created Mar 13, 2016
Logparser log parsing
View logparser.ps1
# Logparser
###############
# Security Log
###############
# Find Event id
& 'C:\Program Files (x86)\Log Parser 2.2\LogParser.exe' -stats:OFF -i:EVT "SELECT * FROM 'Security.evtx' WHERE EventID = '5038'"
@Neo23x0
Neo23x0 / config-server.xml
Last active Nov 7, 2019
Sysmon Base Configuration - Windows Server
View config-server.xml
<!--
This is a Microsoft Sysmon configuation to be used on Windows server systems
v0.2.1 December 2016
Florian Roth
The focus of this configuration is
- hacking activity on servers / lateral movement (bad admin, attacker)
It is not focussed on
- malware detection (execution)
- malware detection (network connections)
@Neo23x0
Neo23x0 / config-client.xml
Last active Oct 22, 2019
Sysmon Base Configuration - Workstations
View config-client.xml
<!--
This is a Microsoft Sysmon configuration to be used on Windows workstations
v0.2.1 December 2016
Florian Roth (with the help and ideas of others)
The focus of this configuration is
- malware detection (execution)
- malware detection (network connections)
- exploit detection
It is not focussed on
@gbaman
gbaman / HowToOTG.md
Last active Apr 8, 2021
Simple guide for setting up OTG modes on the Raspberry Pi Zero
View HowToOTG.md

Raspberry Pi Zero OTG Mode

Simple guide for setting up OTG modes on the Raspberry Pi Zero - By Andrew Mulholland (gbaman).

The Raspberry Pi Zero (and model A and A+) support USB On The Go, given the processor is connected directly to the USB port, unlike on the B, B+ or Pi 2 B, which goes via a USB hub.
Because of this, if setup to, the Pi can act as a USB slave instead, providing virtual serial (a terminal), virtual ethernet, virtual mass storage device (pendrive) or even other virtual devices like HID, MIDI, or act as a virtual webcam!
It is important to note that, although the model A and A+ can support being a USB slave, they are missing the ID pin (is tied to ground internally) so are unable to dynamically switch between USB master/slave mode. As such, they default to USB master mode. There is no easy way to change this right now.
It is also important to note, that a USB to UART serial adapter is not needed for any of these guides, as may be documented elsewhere across the int

@WarFox
WarFox / ace_editor_in_bootstrap_3_container.html
Last active Oct 27, 2016
Ace Editor Embedding in Bootstrap 3 container
View ace_editor_in_bootstrap_3_container.html
<!DOCTYPE html>
<html lang="en">
<head>
<title>ACE in Action</title>
<style type="text/css" media="screen">
#editor {
height: 300px;
}
</style>
</head>