@Homer28
Homer28 / test_dll.c
Last active May 17, 2024 12:37
DLL code for testing CVE-2024-21378 in MS Outlook
/**
* This DLL is designed for use in conjunction with the Ruler tool for
* security testing related to the CVE-2024-21378 vulnerability,
* specifically targeting MS Outlook.
*
* It can be used with the following command line syntax:
* ruler [auth-params] form add-com [attack-params] --dll ./test.dll
* Ruler repository: https://github.com/NetSPI/ruler/tree/com-forms (com-forms branch).
*
* After being loaded into MS Outlook, it sends the PC's hostname and
@ounissi-zakaria
ounissi-zakaria / postMessageTracker.js
Created March 22, 2024 21:08
User Script that tracks postMessage event listeners and makes it easy to track/debug them
// ==UserScript==
// @name PostMessage Tracker
// @namespace Violentmonkey Scripts
// @match *://*/*
// @version 1.0
// @author Ounissi zakaria (https://twitter.com/zakaria_ounissi)
// @description Each time an event listener is added for `message`, it adds a menu command for that message handler.
// @grant GM.registerMenuCommand
// @run-at document-start
// ==/UserScript==
@Dump-GUY
Dump-GUY / hint_calls.py
Created March 18, 2024 07:30
Modified version of Willi Ballenthin's IDA plugin hint_calls.py, ported to support Python 2/3 and IDA >= 7.4 (tested on IDA 7.7 and 8.4)
'''
IDA plugin to display the calls and strings referenced by a function as hints.
Installation: put this file in your %IDADIR%/plugins/ directory.
Author: Willi Ballenthin <william.ballenthin@fireeye.com>
Licence: Apache 2.0
'''
import idc
import idaapi
import idautils
@Ry0taK
Ry0taK / condition.md
Last active April 7, 2024 18:19
Can we execute arbitrary JavaScript with these conditions?

Demo site

https://is-xss-possible.pages.dev/

Problem

(Please note that this problem might be unresolvable, as it's a real-world one.)

I encountered the following JavaScript in the real world (this is the simplified version):

const obj = {};
@GrayHatGuy
GrayHatGuy / iridium-sdr.md
Last active May 9, 2024 15:19
Iridium satellite cheat sheet for hackrf SDR capture using gr-iridium iridium-toolkit and iridium live

Description

This details how to capture voice, text and rings associated with Iridium satellite rebroadcasts of the Aircraft Communications Addressing and Reporting System (ACARS).

Prerequisites:

  • Start installation in home directory preferred
    cd ~
    
  • Install the following repos preferably from source or using apt in home directory or /usr/scr/:
@pial-vai
pial-vai / 1_top+hacker_methodologies.md
Created January 7, 2024 18:37 — forked from ruevaughn/1_top+hacker_methodologies.md
Hacker Methodologies & Tools (NEW)

The Top Hacker Methodologies & Tools Notes

Nuclei Templates

Concrete5 CMS : Identification, Mass Hunting, Nuclei Template Writing & Reporting

@arkark
arkark / README.md
Last active December 31, 2023 07:42
ASIS CTF Finals 2023
@testanull
testanull / SharePwn_public.py
Created December 15, 2023 07:31
SharePoint Pre-Auth Code Injection RCE chain CVE-2023-29357 & CVE-2023-24955 PoC
# -*- coding: utf-8 -*-
import hashlib
import base64
import requests, string, struct, uuid, random, re
import sys
from collections import OrderedDict
from sys import version
from urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)
# too lazy to deal with string <-> bytes confusion in python3 so forget it ¯\_(ツ)_/¯

Unicode XSS via Combining Characters

Most application security practitioners are familiar with Unicode XSS, which typically arises from the Unicode character fullwidth-less-than-sign. It’s not a common vulnerability but does occasionally appear in applications that otherwise have good XSS protection. In this blog I describe another variant of Unicode XSS that I have identified, using combining characters. I’ve not observed this in the wild, so it’s primarily of theoretical concern. But the scenario is not entirely implausible and I’ve not otherwise seen this technique discussed, so I hope this is useful.

Recap of Unicode XSS

Lab: https://4t64ubva.xssy.uk/

A quick investigation of the lab shows that it is echoing the name parameter, and performing HTML escaping:
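The fullwidth less-than sign mentioned above only becomes dangerous when HTML escaping runs before a later Unicode normalization step (NFKC maps U+FF1C to an ASCII `<`). The following is an added example, not code from the blog post or the lab, that contrasts the unsafe escape-then-normalize order with the safe normalize-then-escape order and includes a small check a reviewer can run against a render function. The render functions, the constructed `\uFF1Cb\uFF1E` input and the helper names are assumptions made for illustration.

```javascript
// Added example: ordering of HTML escaping versus Unicode normalization.
// U+FF1C (FULLWIDTH LESS-THAN SIGN) and U+FF1E (FULLWIDTH GREATER-THAN SIGN)
// are compatibility characters that NFKC folds to ASCII '<' and '>'.

function htmlEscape(s) {
  // Minimal HTML entity encoder for text placed in element content.
  return s
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Unsafe ordering (hypothetical app): the template layer escapes the value,
// then a later layer (logging, search indexing, a framework filter) applies
// NFKC normalization, turning the fullwidth signs into real tag delimiters.
function renderUnsafe(name) {
  return "<h1>Hello " + htmlEscape(name).normalize("NFKC") + "</h1>";
}

// Safe ordering: normalize first so the encoder sees the final code points,
// then escape. Any '<' produced by normalization is entity-encoded.
function renderSafe(name) {
  return "<h1>Hello " + htmlEscape(name.normalize("NFKC")) + "</h1>";
}

// Constructed probe input: a harmless <b> tag written with fullwidth signs.
// It contains no ASCII '<' or '>', so a naive escaper leaves it untouched.
const PROBE = "\uFF1Cb\uFF1Ebold";

// Review helper: does untrusted input survive as raw markup in the output?
// It renders a known safe wrapper with empty input, then with the probe, and
// reports whether the probe introduced an unescaped '<' into the result.
function rendersUntrustedMarkup(renderFn, untrusted) {
  const baseline = renderFn("");
  const rendered = renderFn(untrusted);
  const baselineLt = (baseline.match(/</g) || []).length;
  const renderedLt = (rendered.match(/</g) || []).length;
  return renderedLt > baselineLt;
}

// Stand-alone demonstration.
console.log("unsafe:", renderUnsafe(PROBE));              // raw <b> appears
console.log("safe:  ", renderSafe(PROBE));                // &lt;b&gt; instead
console.log("unsafe leaks markup:", rendersUntrustedMarkup(renderUnsafe, PROBE));
console.log("safe leaks markup:  ", rendersUntrustedMarkup(renderSafe, PROBE));
```

The check in `rendersUntrustedMarkup` is deliberately order-agnostic: it does not need to know where normalization happens, only whether the untrusted value ended up contributing a raw `<` to the final document, which is the property a fix for this class of bug must guarantee.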