@yehgdotnet
yehgdotnet / godnslookup.go
Created September 28, 2020 04:48
godnslookup.go
package main
import (
"bufio"
"fmt"
"log"
"os"
"path/filepath"
"time"
"net"
@yehgdotnet
yehgdotnet / recordlookup.go
Last active September 26, 2020 06:39
recordlookup.go
package main
import (
"bufio"
"fmt"
"log"
"os"
"strings"
"regexp"
)
@yehgdotnet
yehgdotnet / process-file.py2
Created August 26, 2020 11:31
python: Run specific command on file content line by line
#
# Run specific command on file content line by line
# Coded by Myo Soe
#
#
import sys, getopt, os
def main(argv):
@yehgdotnet
yehgdotnet / notify.py
Created August 26, 2020 06:41
Python 2 Mac OS Notification
#!/usr/bin/env python
from Foundation import NSUserNotification
from Foundation import NSUserNotificationCenter
from Foundation import NSUserNotificationDefaultSoundName
from optparse import OptionParser
def main():
parser = OptionParser(usage='%prog -t TITLE -m MESSAGE')
@yehgdotnet
yehgdotnet / feed-reader.au3
Last active August 25, 2020 14:30
AutoIT Feed Reader
Local $feed_file = "theregister.xml"
Local $hDownload = InetGet ( "http://www.theregister.co.uk/security/headlines.atom" , $feed_file )
Local $file = FileOpen($feed_file, 0)
Global $security_feeds = ""
Global $counter = 0
; Check if file opened for reading OK
If $file = -1 Then
@yehgdotnet
yehgdotnet / quote-email-sign.au3
Created August 25, 2020 14:30
AutoIT Quote of the Day Email Signature
#cs ----------------------------------------------------------------------------
AutoIt Version: 3.3.8.1
Author: myName
Script Function:
Template AutoIt script.
#ce ----------------------------------------------------------------------------
@yehgdotnet
yehgdotnet / hourlynotification.scpt
Created August 24, 2020 15:31
AppleScript Hourly Notification
set Dummy to ""
set HourTimer to 1
repeat while Dummy = ""
display notification "[Your Notification]"
delay 3600 * HourTimer
end repeat
@yehgdotnet
yehgdotnet / smbexec.py
Created August 11, 2020 14:56
smbexec.py with port 443 allowed
#!/usr/bin/env python
# SECUREAUTH LABS. Copyright 2018 SecureAuth Corporation. All rights reserved.
#
# This software is provided under under a slightly modified version
# of the Apache Software License. See the accompanying LICENSE file
# for more information.
#
# A similar approach to psexec w/o using RemComSvc. The technique is described here
# https://www.optiv.com/blog/owning-computers-without-shell-access
# Our implementation goes one step further, instantiating a local smbserver to receive the
@yehgdotnet
yehgdotnet / gist:d745d23169d73f14ecf5fbf31f47d23c
Last active May 9, 2020 04:58
JavaScript HTTPS Redirector
<script>
var original_url = window.location.toString();
var https_url = original_url.replace("http://","https://");
if (window.location.toString().indexOf("http://")==0){
location.replace(https_url);
}
</script>
The most effective control against insecure direct object reference attacks is to avoid exposing internal functionality of the software using a direct object reference that can be easily manipulated.
The following are some defensive strategies that can be taken to accomplish this objective:
■ Use indirect object references, through an index of the value or a reference map, so that direct parameter manipulation is rendered futile unless the attacker is also aware of how the parameter maps to the internal functionality.
■ Do not expose internal objects directly via URLs or form parameters to the end user.