https://www.youtube.com/playlist?list=PLKK11Ligqitg9MOX3-0tFT1Rmh3uJp7kA
UnConfuserEx https://mega.nz/#!U1hxwQKb!7WFBSjrZgg8ieFp15K0RJW8rWuyMHZTO9bpCekhBQfY | |
ConfuserExDupPopPatcher https://mega.nz/#!IkhHzZDS!vPYABdYJtuDIGJBHdKzwIqLajxugJaNlENWr5CWjNlo | |
ConfuserExStringDecryptor https://mega.nz/#!plhxRJyY!Vq9eRS-gixC__q75860gDD8Tcm_ncOfCCCP_HQKguUM | |
ConfuserExCallFixer https://mega.nz/#!0gZFlbwC!KFka_Kxe-GuU-d8COni91xmGPbiRnbX6lBLYAomn7No | |
I'm not responsible for what you do with these -- they may very well be backdoored |
As a security professional, it is important to conduct a thorough reconnaissance. With the increasing use of APIs nowadays, it has become paramount to keep access tokens and other API-related secrets secure in order to prevent leaks. However, despite technological advances, human error remains a factor, and many developers still unknowingly hardcode their API secrets into source code and commit them to public repositories. GitHub, being a widely popular platform for public code repositories, may inadvertently host such leaked secrets. To help identify these vulnerabilities, I have created a comprehensive search list using powerful search syntax that enables the search of thousands of leaked keys and secrets in a single search.
(path:*.{File_extension1} OR path:*.{File_extension-N}) AND ({Keyname1} OR {Keyname-N}) AND (({Signature/pattern1} OR {Signature/pattern-N}) AND ({PlatformTag1} OR {PlatformTag-N}))
**1.
import socket | |
import random | |
import argparse | |
import sys | |
from io import BytesIO | |
# Referrer: https://github.com/wuyunfeng/Python-FastCGI-Client | |
PY2 = True if sys.version_info.major == 2 else False |
We did it! We broke gist.github.com ;) So head over to the new home! Thank you all!
2021.10.20: https://github.com/AveYo/MediaCreationTool.bat now open for interaction
Not just an Universal MediaCreationTool wrapper script with ingenious support for business editions,
A powerful yet simple windows 10 / 11 deployment automation tool as well!
import requests | |
import base64 | |
from tqdm import tqdm | |
master_json_url = 'https://178skyfiregce-a.akamaihd.net/exp=1474107106~acl=%2F142089577%2F%2A~hmac=0d9becc441fc5385462d53bf59cf019c0184690862f49b414e9a2f1c5bafbe0d/142089577/video/426274424,426274425,426274423,426274422/master.json?base64_init=1' | |
base_url = master_json_url[:master_json_url.rfind('/', 0, -26) + 1] | |
resp = requests.get(master_json_url) | |
content = resp.json() |
This brief tutorial will show you how to go about analyzing a raw binary firmware image in Ghidra.
I was recently interested in reversing some older Cisco IOS images. Those images come in the form of a single binary blob, without any sort of ELF, Mach-o, or PE header to describe the binary.
While I am using Cisco IOS Images in this example, the same process should apply to other Raw Binary Firmware Images.
################## | |
# Privacy Settings | |
################## | |
# Privacy: Let apps use my advertising ID: Disable | |
Set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo -Name Enabled -Type DWord -Value 0 | |
# To Restore: | |
#Set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo -Name Enabled -Type DWord -Value 1 | |
# Privacy: SmartScreen Filter for Store Apps: Disable | |
Set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost -Name EnableWebContentEvaluation -Type DWord -Value 0 |