Get Homebrew installed on your mac if you don't already have it
Install highlight. "brew install highlight". (This brings down Lua and Boost as well)
Alban Diquet nabla-c0d3
🌴
nabla-c0d3
/ gist:961af2560634ff53cb77
Created
March 2, 2015 06:04
HTML Payload to send a POST request via JS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <head> | |
| <script> | |
| function postData(url, body) { | |
| var http = new XMLHttpRequest; | |
| http.open("POST", url, true); | |
| http.setRequestHeader('Content-Type', 'text/xml'); | |
| http.withCredentials = 'true'; | |
| http.onreadystatechange = function() { | |
| if(http.readyState == 4) { |
nabla-c0d3
/ gist:1b50a21bff7220683e91
Last active
August 29, 2015 14:19
— forked from jimbojsb/gist:1630790
Syntax coloring on OS X
nabla-c0d3
/ keybase.md
Created
July 29, 2016 17:20
I hereby claim:
- I am nabla-c0d3 on github.
- I am nabla (https://keybase.io/nabla) on keybase.
- I have a public key whose fingerprint is C6EE 0C3B 35FB A053 DE97 DB7E E889 2555 B489 B47B
To claim this, I am signing this object:
nabla-c0d3
/ leak_sync_scanner.py
Created
December 2, 2017 22:11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from pympler import tracker | |
| from sslyze.plugins.certificate_info_plugin import CertificateInfoScanCommand | |
| from sslyze.server_connectivity import ServerConnectivityInfo, ServerConnectivityError | |
| from sslyze.ssl_settings import TlsWrappedProtocolEnum | |
| from sslyze.synchronous_scanner import SynchronousScanner | |
| from sslyze.plugins.openssl_cipher_suites_plugin import Tlsv10ScanCommand | |
| from sslyze.plugins.openssl_cipher_suites_plugin import Tlsv11ScanCommand | |
| memory_tracker = tracker.SummaryTracker() |
nabla-c0d3
/ leak_nassl.py
Created
December 2, 2017 22:12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from pympler import tracker | |
| from nassl.ssl_client import OpenSslVersionEnum, OpenSslVerifyEnum | |
| import socket | |
| from nassl.legacy_ssl_client import LegacySslClient, SslClient | |
| memory_tracker = tracker.SummaryTracker() | |
| for i in range(20): | |
| sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) |
nabla-c0d3
/ leak_server_connectivity.py
Created
December 2, 2017 22:12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from pympler import tracker | |
| from sslyze.server_connectivity import ServerConnectivityInfo, ServerConnectivityError | |
| from sslyze.ssl_settings import TlsWrappedProtocolEnum | |
| memory_tracker = tracker.SummaryTracker() | |
| # Setup the server to scan and ensure it is online/reachable | |
| hostname = 'smtp.gmail.com' | |
| for i in range(20): | |
| try: |
nabla-c0d3
/ gist:616a1c570277e96db4698c0aa2ec7d09
Created
December 4, 2017 05:59
Windows memory usage
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| set _NT_SYMBOL_PATH=D:\Python36;srv*c:\mycache*https://msdl.microsoft.com/download/symbols | |
| set OANOCACHE=1 | |
| "C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\umdh.exe" -p:14724 -f:.\umdh1.txt | |
| "C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\umdh.exe" -d .\umdh1.txt .\umdh2.txt > .\umd12.txt |
nabla-c0d3
/ sslyze_robot.py
Last active
December 18, 2017 06:01
Scanning for the ROBOT Vulnerability at Scale
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from sslyze.concurrent_scanner import ConcurrentScanner, PluginRaisedExceptionScanResult | |
| from sslyze.plugins.robot_plugin import RobotScanCommand, RobotScanResultEnum | |
| from sslyze.server_connectivity import ServerConnectivityInfo, ServerConnectivityError | |
| from sslyze.ssl_settings import TlsWrappedProtocolEnum | |
| SERVERS_TO_SCAN = [ | |
| ('www.google.com', 443, TlsWrappedProtocolEnum.HTTPS), | |
| ('smtp.gmail.com', 587, TlsWrappedProtocolEnum.STARTTLS_SMTP), | |
| ('imap.gmail.com', 993, TlsWrappedProtocolEnum.PLAIN_TLS), |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # With SSLyze 1.4.0, the code that performs connectivity testing with a server needs to be slightly changed: | |
| # SSLyze before 1.4.0 | |
| try: | |
| server_info = ServerConnectivityInfo( | |
| hostname='smtp.gmail.com', | |
| port=587, | |
| tls_wrapped_protocol=TlsWrappedProtocolEnum.STARTTLS_SMTP | |
| ) | |
| server_info.test_connectivity_to_server() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import tweepy | |
| from datetime import datetime, timedelta | |
| consumer_key = '' | |
| consumer_secret = '' | |
| access_token = '' | |
| access_secret = '' | |
| auth = tweepy.OAuthHandler(consumer_key, consumer_secret) | |
| auth.set_access_token(access_token, access_secret) |
OlderNewer