Information Security Consulting, Threat Hunting

Minh-Triet Pham Tran trietptm

@trietptm
trietptm / securitytoollist.txt
Created January 29, 2016 04:53
securitytoollist.txt by SH1NU11BI: http://pastebin.com/pGU0P8JW
0trace 1.5 A hop enumeration tool http://jon.oberheide.org/0trace/
3proxy 0.7.1.1 Tiny free proxy server. http://3proxy.ru/
3proxy-win32 0.7.1.1 Tiny free proxy server. http://3proxy.ru/
42zip 42 Recursive Zip archive bomb. http://blog.fefe.de/?ts=b6cea88d
acccheck 0.2.1 A password dictionary attack tool that targets windows authentication via the SMB protocol. http://labs.portcullis.co.uk/tools/acccheck/
ace 1.10 Automated Corporate Enumerator. A simple yet powerful VoIP Corporate Directory enumeration tool that mimics the behavior of an IP Phone in order to download the name and extension entries that a given phone can display on its screen interface http://ucsniff.sourceforge.net/ace.html
admid-pack 0.1 ADM DNS spoofing tools - Uses a variety of active and passive methods to spoof DNS packets. Very powerful. http://packetstormsecurity.com/files/10080/ADMid-pkg.tgz.html
adminpagefinder 0.1 This python script looks for a large amount of possible administrative interfaces on a given site. http://packetstormse
https://github.com/pentestmonkey/windows-privesc-check
https://github.com/inquisb/keimpx
https://github.com/Spiderlabs/Responder
https://github.com/infobyte/faraday
https://github.com/koto/xsschef
https://github.com/darkoperator/Meterpreter-Scripts
https://github.com/mubix/Not-In-Pentesting-Class
https://github.com/scoopex/scriptreplay_ng
https://github.com/irsdl/updated-SWFIntruder
https://github.com/pentestgeek/smbexec
@trietptm
trietptm / idapython_cheatsheet.md
Created May 1, 2020 14:03 — forked from icecr4ck/idapython_cheatsheet.md
Cheatsheet for IDAPython
@trietptm
trietptm / xiaomi-locked-bootloader.md
Created January 10, 2017 06:30 — forked from anonymous/xiaomi-locked-bootloader.md
Xiaomi's locked bootloader is insecure and useless

Xiaomi's locked bootloader is insecure and useless

Your phone should have a locked bootloader, as it ensures the integrity of the software running on the device. This is especially relevant for Xiaomi phones, which are often loaded with all sorts of crapware by shady merchants. These vendor ROMs are a serious security risk. You really don't want to run that shit, so do your research very carefully when importing a Xiaomi device to ensure it hasn't been tampered with.

So, Xiaomi makes these nice phones and those vendors just ruin it all. They do the logical thing and start locking devices. But even today, vendor ROMs are still a thing! Even the brand new edgeless Mi Mix isn't safe.

How is this possible?

Through a wide open back door called EDL mode. To flash anything you want, all you need is a "deep flash cable" from [Aliexpress](https://www.aliexpress.com/wholesale?catId=0&SearchText=xiaomi+deep+fl

@ECHO OFF
SETLOCAL
ECHO ASLR Enable / Disable Batch Script - Please run as admin
set /p Choice=Want to Enable or Disable ASLR? (e or d):%=%
if "%Choice%"=="e" goto :ENABLE
if "%Choice%"=="d" goto :DISABLE
:ENABLE
@trietptm
trietptm / gist:4290757
Created December 15, 2012 02:25
Finding all permutations of a list (PROLOG): a snippet that lists all the possible permutations of a list
appendlist([], X, X).
appendlist([T|H], X, [T|L]) :- appendlist(H, X, L).
permutation([], []).
permutation([X], [X]) :-!.
permutation([T|H], X) :- permutation(H, H1), appendlist(L1, L2, H1), appendlist(L1, [T], X1), appendlist(X1, L2, X).
@trietptm
trietptm / install-vmware-tools
Last active July 9, 2023 15:29
Patch for install-vmware-tools REMnux script to use shared folders
The file install-vmware-tools is from REMnux v6 scripts: https://launchpad.net/~remnux/+archive/ubuntu/stable/+files/remnux-scripts_0.1.50.tar.gz
install-vmware-tools_TrietPTM is my patch for the "install-vmware-tools" script that’s present on REMnux v6 to fix a compatibility issue between VMware Tools and the Linux kernel included in Ubuntu, which prevents shared folders from working.
Other Ways You Can Help With REMnux: https://zeltser.com/remnux-v6-release-for-malware-analysis/
@trietptm
trietptm / assemble_and_emulate.py
Created June 6, 2018 07:35 — forked from Stean/assemble_and_emulate.py
script for assembly execution via keystone, capstone and unicorn engine
#!/usr/bin/env python
# allows print() behavior as in python3
from __future__ import print_function
# required for assembly
from keystone import *
# required for emulation
from unicorn import *
from unicorn.x86_const import *
@trietptm
trietptm / introduction2Pwn.md
Created January 25, 2017 19:19 — forked from matsubara0507/introduction2Pwn.md
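A Fun Introduction to Pwn

A Fun Introduction to Pwn

What is This?

This is an article written for IGGG Advent Calendar 2015.
While playing around with always-on CTFs, I learned a lot from solving Pwnable problems, so I am summarizing it here.

Pwnable

Pwnable is one of the CTF categories: problems where you exploit a vulnerability in a program to access and manipulate memory regions that are normally inaccessible, and obtain the flag.
It is also known as Exploit.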