Skip to content

Instantly share code, notes, and snippets.

View safebuffer's full-sized avatar
🎩
Going to release some tools soon ..

H*s*m safebuffer

🎩
Going to release some tools soon ..
452 followers · 11 following
View GitHub Profile
@safebuffer
safebuffer / xml_json.py
Last active March 14, 2023 03:36
Nmap XML output to Json
import json,xmltodict
"""
Nmap XML Output to Json Output in Python
example : data = xml2json('nmap_output.xml')
"""
def xml2json(xml):
xmlfile = open(xml)
xml_content = xmlfile.read()
xmlfile.close()
xmljson = json.dumps(xmltodict.parse(xml_content), indent=4, sort_keys=True)
@safebuffer
safebuffer / diss_shellcode.py
Created January 6, 2019 13:46
disassemble shellcode with python
from capstone import *
shellcode_here = ""
def toop(code):
md = Cs(CS_ARCH_X86, CS_MODE_32)
for i in md.disasm(code, 0x1000):
print("0x%x:\t%s\t%s" %(i.address, i.mnemonic, i.op_str))
toop(shellcode_here)
@safebuffer
safebuffer / aslr_ck.sh
Created January 29, 2019 08:25
get libc address to check ASLR stuff
Filee=$1
getaddr(){
addr=`ldd $Filee | cut -d " " -f2 | head -n 1|tr -d "(|)" `
echo $addr
}
for i in {1..5}; do
if [ "$( getaddr )" == "$( getaddr )" ]; then
echo "[+] $( getaddr ) == $( getaddr ) "
echo "[+] ASLR disabled ! "
@safebuffer
safebuffer / decorator.py
Created September 22, 2019 13:26
IDOR protection Django
# -*- encoding: utf-8 -*-
from __future__ import unicode_literals
from functools import wraps
from django.core.exceptions import PermissionDenied
from django.core.exceptions import ObjectDoesNotExist
def door_safe(view=None,model=None):
def decorator(func):
@wraps(func)
def inner(request, *args, **kwargs):
@safebuffer
safebuffer / keybase.md
Created February 11, 2020 13:18

Keybase proof

I hereby claim:

  • I am wazehell on github.
  • I am wazehell (https://keybase.io/wazehell) on keybase.
  • I have a public key ASAk9fsbMBTWHcWZHQKn-r9xMjtErAdcXadEEPRzG0IGFQo

To claim this, I am signing this object:

@safebuffer
safebuffer / name2username.py
Created October 9, 2020 17:41
Names to Usernames
#!/usr/bin/env python
import itertools
import sys
def GenerateUsername(name):
USERNAMES = []
try:
import unidecode
name = unidecode.unidecode(name)
except Exception as e:
@safebuffer
safebuffer / asn_to_ips.py
Created April 12, 2021 21:50
ASN To IP List
import argparse
import time
import os
import platform
from requests import get as http_get
from netaddr import IPNetwork
def logprint(string):
now = time.time()
@safebuffer
safebuffer / word_dde.py
Created April 12, 2021 22:10
Generate DDE Word.docx
# -*- coding: utf-8 -*-
import win32com.client
import os
import argparse
def closeallword():
try:
objWord = win32com.client.Dispatch("Word.Application")
objWord.Application.Quit()
@safebuffer
safebuffer / UnloadSysmon.cpp
Created May 2, 2021 21:23
Unload Sysmon driver
#include <Windows.h>
#include <fltuser.h>
#pragma comment(lib,"FltLib.lib")
typedef NTSTATUS(NTAPI* _RtlAdjustPrivilege)(ULONG Privilege, BOOL Enable, BOOL CurrentThread, PULONG WasEnabled);
int main()
{
HRESULT unload;
ULONG WasEnabled;
HMODULE hNtdll = NULL;
LPCWSTR SYSMONDRIVER = L"SysmonDrv";
@safebuffer
safebuffer / burp.py
Created July 18, 2021 09:13
Dynamic x-nonce for Oracle Banking Digital Experience
from burp import IBurpExtender
from burp import ISessionHandlingAction
from burp import ITab
import sys
import json
sys.path.append('/usr/local/lib/python2.7/dist-packages')
import urllib3
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)