I hereby claim:
- I am justinbui on github.
- I am slyd0g (https://keybase.io/slyd0g) on keybase.
- I have a public key ASDPhm4B_dfyBrjqy73CebYKPc9Uyt-gp83GEtzmmkx3Ywo
To claim this, I am signing this object:
Justin Bui slyd0g
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import socket | |
| import os | |
| TCP_PORT = 5900 | |
| CURRENT_INDEX = 0 | |
| ############################################################################################################# | |
| # Connect to designated IP over port 5900. Negotiate RFB version handshake + capture authentication methods # | |
| # Returns '1' if no authentication is needed, else returns '0' # |
slyd0g
/ xor_encrypt_master.py
Created
June 30, 2017 15:01
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from sys import exit | |
| import binascii | |
| import getpass | |
| import pickle | |
| def str_to_ascii(text): | |
| """Function: Convert string to ascii | |
| Input: String | |
| Output: List of chars in string in ascii | |
| """ |
slyd0g
/ countries.txt
Last active
August 30, 2017 00:42
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 678 China | |
| 107 India | |
| 106 Brazil | |
| 82 Russia | |
| 77 Mexico | |
| 65 United States | |
| 46 Turkey | |
| 36 Spain | |
| 35 Italy | |
| 30 Taiwan |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 17844 admin | |
| 9706 root | |
| 2250 guest | |
| 977 support | |
| 695 default | |
| 402 user | |
| 378 daemon | |
| 314 adm | |
| 198 telnet | |
| 114 alpine |
slyd0g
/ keybase.md
Created
June 3, 2019 16:25
slyd0g
/ Update_Notes.md
Created
August 5, 2019 21:52
Loading .NET Assemblies into Script Hosts - Abusing System32||SysWow64\Tasks writable property
mklink /h C:\Windows\System32\Tasks\tasks.dll C:\Tools\Tasks.dll
Hardlink created for C:\Windows\System32\Tasks\tasks.dll <<===>> C:\Tools\Tasks.dll
This can redirect the search to an arbitrary location and evade tools that are looking for filemods in a particular location.
xref: https://googleprojectzero.blogspot.com/2015/12/between-rock-and-hard-link.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.EnterpriseServices; | |
| using System.Runtime.InteropServices; | |
| using System.Reflection; | |
| using System.Reflection.Emit; | |
| using System.Collections; | |
| using System.Collections.Generic; |
slyd0g
/ trumail.sh
Last active
August 21, 2019 18:15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| input="$1" | |
| rm output_trumail.txt | |
| touch output_trumail.txt | |
| while IFS= read -r line | |
| do | |
| curl https://api.trumail.io/v2/lookups/json?email=$line>>output_trumail.txt | |
| echo>>output_trumail.txt | |
| done < "$input" | |
| cat output_trumail.txt | grep -v Rate | grep -v Max | grep -v response>output_trumail_final.txt |
slyd0g
/ mscorlib_load_assembly.vba
Created
September 30, 2019 18:49
— forked from monoxgas/mscorlib_load_assembly.vba
VBA code for calling Assembly.Load using raw vtable lookups for the IUnknown
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ' Need to add project references to C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscoree.tlb and mscorlib.tlb | |
| Private Declare PtrSafe Function DispCallFunc Lib "oleaut32.dll" (ByVal pv As LongPtr, ByVal ov As LongPtr, ByVal cc As Integer, ByVal vr As Integer, ByVal ca As Long, ByRef pr As Integer, ByRef pg As LongPtr, ByRef par As Variant) As Long | |
| Private Declare PtrSafe Sub RtlMoveMemory Lib "kernel32" (Dst As Any, Src As Any, ByVal BLen As LongPtr) | |
| Private Declare PtrSafe Function VarPtrArray Lib "VBE7" Alias "VarPtr" (ByRef Var() As Any) As LongPtr | |
| #If Win64 Then | |
| Const LS As LongPtr = 8& | |
| #Else | |
| Const LS As LongPtr = 4& |
slyd0g
/ Get-Token.ps1
Created
November 4, 2019 23:16
— forked from vector-sec/Get-Token.ps1
PowerShell script to enumerate all Process and Thread tokens.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Get-Token | |
| { | |
| foreach($proc in (Get-Process)) | |
| { | |
| if($proc.Id -ne 0 -and $proc.Id -ne 4) | |
| { | |
| try | |
| { | |
| $hProcess = OpenProcess -ProcessId $proc.Id -DesiredAccess PROCESS_QUERY_LIMITED_INFORMATION | |
| } |
OlderNewer