Skip to content

Instantly share code, notes, and snippets.

View sekuryti's full-sized avatar
:octocat:
gcc -o app app.c

Matthew T. Carr sekuryti

:octocat:
gcc -o app app.c
View GitHub Profile
import requests
import json
# JSON data containing PII
data_with_pii = {
"id": 1,
"firstName": "Terry",
"lastName": "Medhurst",
"maidenName": "Smitham",
"age": 50,
curl -X POST \
-H "Content-Type: application/json" \
-d '{"text":"{\"name\": \"Matty\", \"last_name\": \"Cincinatti\"}"}' \
https://x.api-factory.com/redact
@sekuryti
sekuryti / log4j_rce_check.py
Created December 11, 2021 16:16 — forked from byt3bl33d3r/log4j_rce_check.py
Python script to detect if an HTTP server is potentially vulnerable to the log4j 0day RCE (https://www.lunasec.io/docs/blog/log4j-zero-day/)
#! /usr/bin/env python3
'''
Needs Requests (pip3 install requests)
Author: Marcello Salvati, Twitter: @byt3bl33d3r
License: DWTFUWANTWTL (Do What Ever the Fuck You Want With This License)
This should allow you to detect if something is potentially exploitable to the log4j 0day dropped on December 9th 2021.

Keybase proof

I hereby claim:

  • I am sekuryti on github.
  • I am int0x33 (https://keybase.io/int0x33) on keybase.
  • I have a public key ASCfPw27tiAPkGwjBolUP8VNr5weJ8uVmkc0fnov9NqebAo

To claim this, I am signing this object:

@sekuryti
sekuryti / api_hashing.cs
Created November 27, 2021 09:50
Proof of Concept Windows API Hashing in C#
using System;
using System.Runtime.InteropServices;
namespace API_Hashing
{
class Program
{
[DllImport("kernel32", SetLastError = true, CharSet = CharSet.Ansi)]
static extern IntPtr LoadLibrary([MarshalAs(UnmanagedType.LPStr)] string lpFileName);
# This code is very hacky, please excuse the nonsensical variable/function naming
# See https://twitter.com/David3141593/status/1442883432925773829 for context
# Derived from this implementation of XXHASH64: https://github.com/Cyan4973/xxHash/blob/dev/xxhash.h
from xxhash import xxh64
XXH_PRIME64_1 = 0x9E3779B185EBCA87
XXH_PRIME64_2 = 0xC2B2AE3D27D4EB4F
XXH_PRIME64_3 = 0x165667B19E3779F9
XXH_PRIME64_4 = 0x85EBCA77C2B2AE63
@sekuryti
sekuryti / demo.m
Created September 26, 2021 08:35 — forked from alyssarosenzweig/demo.m
AppleJPEGDriver decode routine for the Apple M1
/*
* Copyright (C) 2021 Alyssa Rosenzweig <alyssa@rosenzweig.io>
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
[
{
"name": "ext-vars-test.yar",
"path": "yara/ext-vars-test.yar",
"sha": "acc1317b2308c1eea6b9a002cd234fa4b7312255",
"size": 125,
"url": "https://api.github.com/repos/Neo23x0/Raccine/contents/yara/ext-vars-test.yar?ref=main",
"html_url": "https://github.com/Neo23x0/Raccine/blob/main/yara/ext-vars-test.yar",
"git_url": "https://api.github.com/repos/Neo23x0/Raccine/git/blobs/acc1317b2308c1eea6b9a002cd234fa4b7312255",
"download_url": "https://raw.githubusercontent.com/Neo23x0/Raccine/main/yara/ext-vars-test.yar",
Chrome -> DevTools -> Console
urls = []
$$('*').forEach(element => {
urls.push(element.src)
urls.push(element.href)
urls.push(element.url)
});copy(urls.filter(x=>x&&x!==""))
//
// Most object types in the V8 JavaScript are described in this file.
//
// Inheritance hierarchy:
// - Object
// - Smi (immediate small integer)
// - TaggedIndex (properly sign-extended immediate small integer)
// - HeapObject (superclass for everything allocated in the heap)
// - JSReceiver (suitable for property access)
// - JSObject