computerline1z
/ gist:8783650
Created
February 3, 2014 13:18
hexrays-python examples 07: event callback
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ It demonstrates how to iterate a cblock_t object. | |
| Author: EiNSTeiN_ <einstein@g3nius.org> | |
| This is a rewrite in Python of the vds7 example that comes with hexrays sdk. | |
| """ | |
| import idautils | |
| import idaapi | |
| import idc |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Starting Nmap 5.21 ( http://nmap.org ) at 2014-02-24 02:06 UTC | |
| Host is up (0.0031s latency). | |
| PORT STATE SERVICE VERSION | |
| 1/tcp open tcpmux? | |
| 3/tcp open compressnet? | |
| 4/tcp open unknown | |
| 6/tcp open unknown | |
| 7/tcp open echo? | |
| 9/tcp open discard? |
jedisct1
/ smaz_test.c
Created
April 25, 2014 21:19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <string.h> | |
| #include "smaz.h" | |
| int main(void) { | |
| char in[512]; | |
| char out[4096]; | |
| char *pos; |
DISC2014
/ More Links
Created
June 8, 2014 05:52
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Web Application Hacking | |
| http://google-gruyere.appspot.com/part2 | |
| http://www.unixwiz.net/techtips/sql-injection.html | |
| ITSec Blogs | |
| https://www.corelan.be/index.php/articles/ | |
| http://cyberarms.wordpress.com/ | |
| http://asecuritysite.com/ | |
| Wargame |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Lavasoft page on Win32/Virut: | |
| hxxp://www.lavasoft.com/mylavasoft/malware-descriptions/blog/VirusWin32Virut061772f525 | |
| quotes code used by the trojan without proper escaping. Which includes: | |
| <iframe src="hxxp://www.Trenz.pl/rc/" width=1 height=1 frameborder=0><iframe> | |
| Users looking at the description of this trojan on this security company's site end up loading the iframe content. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| >>>>> got bad ip:59.24.3.173================= send request to from dns server ================ | |
| buffer len 29 | |
| send buffer: | |
| 0000 67 45 01 00 00 01 00 00 00 00 00 00 07 79 6f 75 gE...........you | |
| 0010 74 75 62 65 03 63 6f 6d 00 00 01 00 01 tube.com..... | |
| ================= receive from dns server ================ | |
| receive len 45 | |
| receive buffer: | |
| 0000 67 45 81 80 00 01 00 01 00 00 00 00 07 79 6f 75 gE...........you | |
| 0010 74 75 62 65 03 63 6f 6d 00 00 01 00 01 c0 0c 00 tube.com........ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'date' | |
| require 'zlib' | |
| now = Time.now.to_date | |
| loop do | |
| ds = "#{now.year}+=+#{now.month}+=+#{now.day}" | |
| puts "#{Zlib::crc32(ds).to_s(16)}.pw" | |
| now += 1 | |
| end |
jedisct1
/ dga_score.rb
Created
July 23, 2014 21:00
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /usr/bin/env ruby | |
| require 'awesome_print' | |
| require 'msgpack' | |
| require 'public_suffix' | |
| require 'singleton' | |
| class DGAScore | |
| include Singleton |
jedisct1
/ ip-name-to-name-country.c
Created
August 25, 2014 04:46
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <string.h> | |
| #include <GeoIP.h> | |
| int main(void) | |
| { | |
| char line[4096]; | |
| GeoIP *gi; | |
| const char *country; |
kennwhite
/ nginx_1.6.x.conf
Last active
August 29, 2015 14:06
CentOS, Red Hat, Amazon Linux nginx config: A+ SSL Labs rating w/ strong legacy compatibility
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Strong nginx config for SSL Labs rating A as of 3-2015 | |
| # Broad legacy compatibility including IE8, Android 2.3+, openssl 0.9.8 clients | |
| # Blocks most bot scan IP probes. | |
| # | |
| # *** Assumes: _HOSTNAME_ is replaced *** | |
| # *** Assumes: Diffie-Hellman parameters have been generated (see: dhparam below) | |
| # | |
| # Includes OCSP stapling, HSTS Strict Transport security, | |
| # session resumption, legacy backwards compatibility (XP, Android 2.3-4.3) | |
| # |
OlderNewer