Skip to content

Instantly share code, notes, and snippets.

View miglen's full-sized avatar
👨‍💻

Miglen Evlogiev miglen

👨‍💻
229 followers · 1.6k following
View GitHub Profile
@miglen
miglen / README.md
Created July 14, 2022 06:07
moj1 phishing kit

This is the contents from a phishing attemt I had recieved recently.

Workflow

  1. Recieve an attachment.html usually from a free email service.
  2. The email contains html file with encoded JS that would call http://angelotti.it/cms/moj1.js
  3. Once you open the html file an outlook login portal will be visualized to authenticate.

IoCs:

@miglen
miglen / news-feeds-eradicator-linkedin.user.js
Last active July 4, 2022 12:19
News Feed Eradicator for LinkedIn
// ==UserScript==
// @name News Feed Eradicator for LinkedIn
// @namespace http://miglen.com/
// @version 0.5
// @description News Feed Eradicator for LinkedIn
// @author Miglen Evlogiev (hi@miglen.com)
// @match https://www.linkedin.com/*
// @grant none
// @downloadURL https://gist.github.com/miglen/4f1bccf15b63944675d34149dff0bc3d/raw/news-feeds-eradicator-linkedin.user.js#.user.js
// @updateURL https://gist.github.com/miglen/4f1bccf15b63944675d34149dff0bc3d/raw/news-feeds-eradicator-linkedin.user.js#.user.js
@miglen
miglen / Facebook Messenger Phishing Campaign via zu7.eu .md
Last active May 31, 2022 17:02
Facebook Messenger Phishing Campaign via zu7.eu

Today I had recieved an interesting phishing message via Messenger from a frend, who's also a tech guy so it was suprirpising that he got compromised.

The initial message said:

Is it you in this video? 😱
https://zu7.eu/L3VAD6EzsR

The url loaded from any browser, orther than mobile will redirect to twitch.tv otherwise it would display the following html:

@miglen
miglen / postbank.location.js
Created April 22, 2015 07:12
postbank.location.js
/*
Този скрипт е пълен с едни от най-забавните коментари на български.
Разработен е от някой от разработчиците на Iliyan.com за Пощенска банка.
Пазя го за да се смеем ако го променят в сайта.
Оригинална локация: https://www.postbank.bg/Applications/Locations/_inc/js/locations.js
*/
@miglen
miglen / xss.py
Created February 25, 2022 09:53
Simple automated XSS check with selenium
import requests
import time
import urllib.parse
from bs4 import BeautifulSoup
from selenium import webdriver
from selenium.common.exceptions import NoAlertPresentException
url = "https://xss-game.appspot.com/level1/frame"
response = requests.get(url)
soup = BeautifulSoup(response.text)
@miglen
miglen / Esox-Lucius_PiHoleblocklists.txt
Created September 30, 2021 10:13
Esox-Lucius_PiHoleblocklists.txt
This file has been truncated, but you can view the full file.
# Source https://github.com/Esox-Lucius/PiHoleblocklists
0-800-email.com
0-aprcredit-card.website
0-aprcredit-cards.website
0-aprcreditcard.website
0-aprcreditcards.website
0-secure-paypal.com
0.0.0.0 0-0.028.openvpn.cloud.btcchina.com
0.0.0.0 0-100-195.btcc.com
0.0.0.0 0-100-bhd.foxypool.cf
@miglen
miglen / better-ssh-authorized-keys-management.md
Last active September 14, 2021 05:07 — forked from sivel/better-ssh-authorized-keys-management.md
Better SSH Authorized Keys Management

Better SSH Authorized Keys Management

A seemingly common problem that people encounter is how to handle all of your users authorized_keys file.

People struggle over management, ensuring that users only have specific keys in the authorized_keys file or even a method for expiring keys. A centralized key management system could help provide all of this functionality with a little scripting.

One piece of functionality overlooked in OpenSSH is the AuthorizedKeysCommand configuration keyword. This configuration allows you to specify a command that will run during login to retrieve a users public key file from a remote source and perform validation just as if the authorized_keys file was local.

Here is an example directory structure for a set of users with SSH public keys that can be shared out via a web server:

@miglen
miglen / README.md
Created September 1, 2021 13:18
Notes from Vulnerability management in package dependencies @ Softuni - 31.08.2021

Overview

The following page contains my notes and links about the seminar we had @ Softuni on Vulnerability management in package dependencies at 31st of August 2021.

@miglen
miglen / packagejson.py
Created February 10, 2021 11:55
Dirty check for non existing public npm dependencies
#!/bin/env python3
# https://www.bleepingcomputer.com/news/security/researcher-hacks-over-35-tech-firms-in-novel-supply-chain-attack/
# The following script finds all package.json files in the current dir and checks if there are referenced any
# dependencies that no public package is available for, making your application vulnerable to supply-chain attack.
# Simply run ./packagejson.py in your root repository direcotory.
import json
import requests
from pathlib import Path
import urllib.parse
@miglen
miglen / change_instance.sh
Created February 15, 2016 16:33 — forked from nicosnyman/change_instance.sh
Easily change instance types on AWS EC2 with a bash script
#!/bin/bash
# Nico Snyman, nico@gammafly.com, 14/05/2015
# Change an instance type, while keeping snapshots
# This script will stop an instance identified by instance ID,
# take snapshots of all atached volumes, and restart it
# Use:
# -i instance ID - REQUIRED - stored in instance_id
# -t instance new instance type - REQUIRED - stored in instance_type
# -s if set to 0, no snapshot will be taken, dafault is 1
# (take snapshot of attached volumes) - stored in snapshot