@minkione
minkione / watermark.bash
Created April 25, 2024 17:46 — forked from fsalehpour/watermark.bash
Script to add a scrolling watermark and scaling a video in one go using `ffmpeg`
#!/bin/bash
dir=$(pwd)
(cd "$1"
mkdir -p output
for i in *
do
output="output/$(echo "$i" | sed 's/\..*$/\.mp4/')"
@minkione
minkione / socat-x-process.py
Created March 17, 2024 21:40 — forked from RoganDawes/socat-x-process.py
A python script to coalesce output from `socat -x` hexdumps.
#!/usr/bin/env python3
import sys
import argparse
import datetime
import re
class TimeDeltaType(object):
@minkione
minkione / gist:898e364abcce6c95ef9305206dd1e4fc
Created May 9, 2023 22:04 — forked from dbaldwin/gist:df58544fae360e84f5c9d8ab371500f5
Unitree Low Level and ROS Low Level Control from Windows with Docker
# From Windows terminal
docker run -p 6080:80 --shm-size=512m --name ros_go1 -d tiryoh/ros-desktop-vnc:melodic
# Access the instance through the url
http://localhost:6080
# From home directory in Docker
mkdir -p catkin_ws/src
# Go into catkin workspace
@minkione
minkione / mixunpin.js
Created February 21, 2023 18:46 — forked from incogbyte/mixunpin.js
Frida script to bypass common methods of SSL pinning on Android
console.log("[*] SSL Pinning Bypasses");
console.log(`[*] Your frida version: ${Frida.version}`);
console.log(`[*] Your script runtime: ${Script.runtime}`);
/**
* by incogbyte
* Common functions
* thx apkunpacker, NVISOsecurity, TheDauntless
* Remember that SSL pinning can be custom, and sometimes you need to reverse it using Ghidra, IDA or something like that.
* !!! THIS SCRIPT IS NOT A SILVER BULLET !!
@minkione
minkione / aes_fi.ino
Created February 4, 2022 09:52 — forked from DavidBuchanan314/aes_fi.ino
Arduino AES-128 Fault Injection test program. Main loop is at the end of the file. AES impl from https://github.com/kokke/tiny-AES-c
/* https://github.com/kokke/tiny-AES-c */
#ifndef _AES_H_
#define _AES_H_
#include <stdint.h>
#include <stddef.h>
// #define the macros below to 1/0 to enable/disable the mode of operation.
//
// CBC enables AES encryption in CBC-mode of operation.
@minkione
minkione / rmi_dump.sh
Created December 12, 2021 20:26 — forked from haqpl/rmi_dump.sh
Setup Java RMI registry and parse RMI calls.
#!/bin/bash
# haqpl
# https://aweirdimagination.net/2020/06/28/kill-child-jobs-on-script-exit/
cleanup() {
# kill all processes whose parent is this process
pkill -P $$
}
for sig in INT QUIT HUP TERM; do
trap "
${ctx:loginId}
${map:type}
${filename}
${date:MM-dd-yyyy}
${docker:containerId}
${docker:containerName}
${docker:imageName}
${env:USER}
${env:AWS_SECRET_ACCESS_KEY}
${env:GITHUB_TOKEN}
@minkione
minkione / wordlist_from_js.sh
Created November 16, 2021 10:47 — forked from seqrity/wordlist_from_js.sh
Make wordlist from js files
#! /bin/bash
## This script fetches JS files from a domain name and makes a wordlist from the words in those JS files
## Credit: https://gist.github.com/aufzayed/6cabed910c081cc2f2186cd27b80f687
##### Install requirements #####
##### Before running this script you should install Go #####
## Install subjs (https://github.com/lc/subjs)
GO111MODULE=on go get -u -v github.com/lc/subjs
@minkione
minkione / dorks.txt
Created November 4, 2021 10:45 — forked from swarupsro/dorks.txt
List of Google Dorks for sites that have responsible disclosure program / bug bounty program
inurl /bug bounty
inurl : / security
inurl:security.txt
inurl:security "reward"
inurl : /responsible disclosure
inurl : /responsible-disclosure/ reward
inurl : / responsible-disclosure/ swag
inurl : / responsible-disclosure/ bounty
inurl:'/responsible disclosure' hoodie
responsible disclosure swag r=h:com
@minkione
minkione / PwnHistory.md
Created September 20, 2021 07:25 — forked from tothi/PwnHistory.md
Combine cracked historical passwords with numbers in order to crack the current ones

Attacking user behaviour as a consequence of forced regular password change

Assume we are using ophcrack to crack NT hashes in pwdump format, where the pwdump also includes password history hashes, and that we have already cracked several hashes in the history.

Steps for getting more passwords cracked (assuming users just increase, decrease or edit the numbers at the end of their passwords when policy forces a regular password change):

  1. Get cracked passwords (including history):
cat ophcrack.pwdump | grep -v ':::$' | awk -F: '{ print $7 }' | sort -u > wordlist_ophcracked.txt