| Base64 Code | Mnemonic Aid | Decoded* | Description |
|---|---|---|---|
JAB |
🗣 Jabber | $. |
Variable declaration (UTF-16), e.g. JABlAG4AdgA for $env: |
TVq |
📺 Television | MZ |
MZ header |
SUVY |
🚙 SUV | IEX |
PowerShell Invoke Expression |
SQBFAF |
🐣 Squab favorite | I.E. |
PowerShell Invoke Expression (UTF-16) |
SQBuAH |
🐣 Squab uahhh | I.n. |
PowerShell Invoke string (UTF-16) e.g. Invoke-Mimikatz |
PAA |
💪 "Pah!" | <. |
Often used by Emotet (UTF-16) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| SLEEP_DURATION=${SLEEP_DURATION:=1} # default to 1 second, use to speed up tests | |
| progress-bar() { | |
| local duration | |
| local columns | |
| local space_available | |
| local fit_to_screen | |
| local space_reserved |
Neo23x0
/ Base64_CheatSheet.md
Last active
May 23, 2024 08:25
Learning Aid - Top Base64 Encodings Table
nstarke
/ 01-reversing-cisco-ios-raw-binary-firmware-images-with-ghidra.md
Last active
April 26, 2024 06:26
Reversing Cisco IOS Raw Binary Firmware Images with Ghidra
This brief tutorial will show you how to go about analyzing a raw binary firmware image in Ghidra.
I was recently interested in reversing some older Cisco IOS images. Those images come in the form of a single binary blob, without any sort of ELF, Mach-o, or PE header to describe the binary.
While I am using Cisco IOS Images in this example, the same process should apply to other Raw Binary Firmware Images.
stecman
/ dump-pyc-with-gdb.md
Last active
March 25, 2024 09:20
Dumping all bytecode from a packaged Python application
This is a technique for extracting all imported modules from a packaged Python application as .pyc files, then decompiling them. The target program needs to be run from scratch, but no debugging symbols are necessary (assuming an unmodified build of Python is being used).
This was originally performed on 64-bit Linux with a Python 3.6 target. The Python scripts have since been updated to handle pyc files for Python 2.7 - 3.9.
In Python we can leverage the fact that any module import involving a .py* file will eventually arrive as ready-to-execute Python code object at this function:
PyObject* PyEval_EvalCode(PyObject *co, PyObject *globals, PyObject *locals);
dawand
/ download_apk.py
Last active
December 9, 2023 01:46
Download APK files from Google Play Store with Python
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # -*- coding: utf-8 -*- | |
| """ | |
| File name: download_apk.py | |
| Author: Dawand Sulaiman | |
| Download APK files from Google Play Store with Python | |
| This script scraps https://apkpure.com to get the apk download link | |
| Make sure you have BeautifulSoup and urllib libraries | |
| """ |
AveYo
/ .. MediaCreationTool.bat ..md
Last active
May 30, 2024 17:56
Universal MediaCreationTool wrapper for all MCT Windows 10 versions - MOVED TO github.com/AveYo/MediaCreationTool.bat
We did it! We broke gist.github.com ;) So head over to the new home! Thank you all!
2021.10.20: https://github.com/AveYo/MediaCreationTool.bat now open for interaction
Not just an Universal MediaCreationTool wrapper script with ingenious support for business editions,
A powerful yet simple windows 10 / 11 deployment automation tool as well!
trolleway
/ trolleway_gis_snippets.md
Last active
May 26, 2022 12:33
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import socket | |
| import random | |
| import argparse | |
| import sys | |
| from io import BytesIO | |
| # Referrer: https://github.com/wuyunfeng/Python-FastCGI-Client | |
| PY2 = True if sys.version_info.major == 2 else False |
paschoaletto
/ vimeo_downloader.py
Last active
September 13, 2022 13:52
Downloads segmented audio+video from Vimeo and saves as .mp4 - Usage: 'python vimeo_downloader.py http://...master.json?base64_init=1 optional_name' modified from https://gist.github.com/tayiorbeii/d78c7e4b338b031ce8090b30b395a46f that was modified from https://gist.github.com/alexeygrigorev/a1bc540925054b71e1a7268e50ad55cd
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import base64 | |
| from tqdm import tqdm | |
| import sys | |
| import subprocess as sp | |
| FFMPEG_BIN = 'ffmpeg.exe' | |
| master_json_url = sys.argv[1] | |
| base_url = master_json_url[:master_json_url.rfind('/', 0, -26) - 5] |
aallan
/ mac-vendor.txt
Last active
June 2, 2024 15:41
List of MAC addresses with vendors identities
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 000000 Officially Xerox | |
| 000001 SuperLAN-2U | |
| 000002 BBN (was internal usage only, no longer used) | |
| 000003 XEROX CORPORATION | |
| 000004 XEROX CORPORATION | |
| 000005 XEROX CORPORATION | |
| 000006 XEROX CORPORATION | |
| 000007 XEROX CORPORATION | |
| 000008 XEROX CORPORATION | |
| 000009 powerpipes? |