Aung Khant yehgdotnet

## hmac_sha1.py
import hashlib
import hmac
import base64


def make_digest(message, key):

    key = bytes(key, 'UTF-8')
    message = bytes(message, 'UTF-8')


## windvane.md

      
              1 file
            
          
              9 forks
            
          
              0 comments
            
          
              16 stars
            
          
                sandywu
                / windvane.md
            
            
              Created
              December 18, 2013 06:15
            
          
    WindVane Bridge API (v1.2.2)

提供与客户端通讯的机制。支持WindVane SDK v2.2 以上版本。

WindVane SDK参考。

WindVane 独有UA

windvane 在客户端中，会将原始UA后面跟上 WindVane/WindVaneSDK的版本号，你可以通过判断UA的方式来检查环境
其中，淘宝主客户端1212版本（IOS 3.4.5 ANDROID 3.9.5）后格式为

  
## bashpipe.go
package main

import (
        "bytes"
        "io"
        "log"
        "os"
        "os/exec"
)

## mandros.py
import sys
import requests
import threading
import HTMLParser
from BaseHTTPServer import HTTPServer, BaseHTTPRequestHandler

'''
Description: Reverse MSSQL shell through xp_cmdshell + certutil for exfiltration
Author: @xassiz
'''

## JAVA-ADVISORY.md

      
              1 file
            
          
              9 forks
            
          
              3 comments
            
          
              27 stars
            
          
                frohoff
                / JAVA-ADVISORY.md
            
            
              Last active
              August 28, 2023 19:08
            
              
                Java 7u21 Security Advisory
              
          
    Security Advisory – Java SE

Chris Frohoff – Qualcomm Information Security and Risk Management
Introduction


Affected Product(s): Java SE 6, Java SE 7
Fixed in: Java SE 7u25 (2013-06-18), Java SE 8 (2014-03-18)
Vendor Contact: secalert_us@oracle.com
Vulnerability Type: Unsafe Object Deserialization


## trust-manager.js
'use strict';

var TrustManager;
var manager;

Java.perform(function () {
  var X509TrustManager = Java.use('javax.net.ssl.X509TrustManager');

  TrustManager = Java.registerClass({
    name: 'com.example.TrustManager',

## bypassPowershellExecutionPolicy.ps1
# from https://blog.netspi.com/15-ways-to-bypass-the-powershell-execution-policy/
function Disable-ExecutionPolicy {($ctx = $executioncontext.gettype().getfield("_context","nonpublic,instance").getvalue( $executioncontext)).gettype().getfield("_authorizationManager","nonpublic,instance").setvalue($ctx, (new-object System.Management.Automation.AuthorizationManager "Microsoft.PowerShell"))}
Disable-ExecutionPolicy

## google-dorks

"          _                      _          "
"   _     /||       .   .        ||\     _   "
"  ( }    \||D    '   '     '   C||/    { %  "
" | /\__,=_[_]   '  .   . '       [_]_=,__/\ |"
" |_\_  |----|                    |----|  _/_|"
" |  |/ |    |                    |    | \|  |"
" |  /_ |    |                    |    | _\  |"

	It is all fun and games until someone gets hacked!

## tampermonkey.jquery.js
// ==UserScript==
// @name        Vortek Preload
// @namespace   vortek
// @description Load variables
// @include     http://localhost/vortek_php/*
// @version     1
// ==/UserScript==
// a function that loads jQuery and calls a callback function when jQuery has finished loading
function addJQuery(callback) {
    var script = document.createElement("script");

## README.md

      
              1 file
            
          
              230 forks
            
          
              30 comments
            
          
              1238 stars
            
          
                joyrexus
                / README.md
            
            
              Last active
              February 19, 2024 17:15
                — forked from liamcurry/gist:2597326
            
              
                Vanilla JS equivalents of jQuery methods
              
          
    Sans jQuery

Events

// jQuery
$(document).ready(function() {
  // code
})
	import hashlib
	import hmac
	import base64


	def make_digest(message, key):

	key = bytes(key, 'UTF-8')
	message = bytes(message, 'UTF-8')
	import sys
	import requests
	import threading
	import HTMLParser
	from BaseHTTPServer import HTTPServer, BaseHTTPRequestHandler

	'''
	Description: Reverse MSSQL shell through xp_cmdshell + certutil for exfiltration
	Author: @xassiz
	'''
	'use strict';

	var TrustManager;
	var manager;

	Java.perform(function () {
	var X509TrustManager = Java.use('javax.net.ssl.X509TrustManager');

	TrustManager = Java.registerClass({
	name: 'com.example.TrustManager',
	# from https://blog.netspi.com/15-ways-to-bypass-the-powershell-execution-policy/
	function Disable-ExecutionPolicy {($ctx = $executioncontext.gettype().getfield("_context","nonpublic,instance").getvalue( $executioncontext)).gettype().getfield("_authorizationManager","nonpublic,instance").setvalue($ctx, (new-object System.Management.Automation.AuthorizationManager "Microsoft.PowerShell"))}
	Disable-ExecutionPolicy

	" _ _ "
	" _ /\|\| . . \|\|\ _ "
	" ( } \\|\|D ' ' ' C\|\|/ { % "
	" \| /\__,=_[_] ' . . ' [_]_=,__/\ \|"
	" \|_\_ \|----\| \|----\| _/_\|"
	" \| \|/ \| \| \| \| \\| \|"
	" \| /_ \| \| \| \| _\ \|"

	It is all fun and games until someone gets hacked!
	// ==UserScript==
	// @name Vortek Preload
	// @namespace vortek
	// @description Load variables
	// @include http://localhost/vortek_php/*
	// @version 1
	// ==/UserScript==
	// a function that loads jQuery and calls a callback function when jQuery has finished loading
	function addJQuery(callback) {
	var script = document.createElement("script");