Skip to content

Instantly share code, notes, and snippets.

View 537's full-sized avatar
🎯
Focusing

537

🎯
Focusing
View GitHub Profile
@mgeeky
mgeeky / Various-Macro-Based-RCEs.md
Last active March 13, 2025 09:47
Various Visual Basic Macros-based Remote Code Execution techniques to get your meterpreter invoked on the infected machine.

This is a note for myself describing various Visual Basic macros construction strategies that could be used for remote code execution via malicious Document vector. Nothing new or fancy here, just a list of techniques, tools and scripts collected in one place for a quick glimpse of an eye before setting a payload.

All of the below examples had been generated for using as a remote address: 192.168.56.101.

List:

  1. Page substiution macro for luring user to click Enable Content
  2. The Unicorn Powershell based payload
@marcan
marcan / bloom.py
Last active February 29, 2024 19:55
Simple Bloom filter implementation in Python 3 (for use with the HIBP password list)
#!/usr/bin/python3
#
# Simple Bloom filter implementation in Python 3
# Copyright 2017 Hector Martin "marcan" <[email protected]>
# Licensed under the terms of the MIT license
#
# Written to be used with the Have I been pwned? password list:
# https://haveibeenpwned.com/passwords
#
# Download the pre-computed filter here (968MB, k=11, false positive p=0.0005):
@sk22
sk22 / lastfm-remove-duplicates.js
Last active April 28, 2025 21:56
Last.fm duplicate scrobble deleter
var elements = Array.from(document.querySelectorAll('.js-link-block'))
elements.map(function (element) {
var nameElement = element.querySelector('.chartlist-name')
return nameElement && nameElement.textContent.replace(/\s+/g, ' ').trim()
}).forEach(function (name, i, names) {
if (name !== names[i + 1]) return
var deleteButton = elements[i].querySelector('[data-ajax-form-sets-state="deleted"]')
if (deleteButton) deleteButton.click()
location.reload()
})
@derhuerst
derhuerst / output.js
Created May 10, 2016 10:22
how fetch a GitHub user's stars
[
{
owner: 'bcoe',
repo: 'top-npm-users',
description: ':star: Generate a list of top npm users by based on monthly downloads.',
language: 'JavaScript',
isFork: false,
stargazers: 27,
watchers: 27
}
@jult
jult / blockpeers.sh
Last active December 28, 2024 13:59
blocking p2p peer snoopers and evil corp (for Tixati IP filter and such)
#!/bin/sh
# This script runs every other night at 04:56 CET on a webserver I maintain
# Results are always at: https://jult.net/block.txt ( or https://jult.net/block.txt.gz )
# And much smaller, stripped of BS; https://jult.net/bloc.txt
# For use in Tixati IP filter: https://jult.net/bloc.txt.gz !!!
# And finally a txt file with just the bold IP-ranges: https://jult.net/bl.txt (or https://jult.net/bl.txt.gz )
# Download open block-lists, unpack, filter:
curl -s https://www.iblocklist.com/lists.php | grep -A 2 Bluetack | xargs wget -qO - --limit-rate=500k | gunzip -f | egrep -v '^#' > /tmp/xbp
@joepie91
joepie91 / vpn.md
Last active May 10, 2025 10:28
Don't use VPN services.

Don't use VPN services.

No, seriously, don't. You're probably reading this because you've asked what VPN service to use, and this is the answer.

Note: The content in this post does not apply to using VPN for their intended purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does.

  • A Russian translation of this article can be found here, contributed by Timur Demin.
  • A Turkish translation can be found here, contributed by agyild.
  • There's also this article about VPN services, which is honestly better written (and has more cat pictures!) than my article.
@protrolium
protrolium / wget.md
Last active March 8, 2024 01:46
wget commands

Download Only Certain File Types Using wget -r -A

You can use this under following situations:

  • Download all images from a website
  • Download all videos from a website
  • Download all PDF files from a website

$ wget -r -A.pdf http://url-to-webpage-with-pdfs/

@JasonPellerin
JasonPellerin / Smurf.c
Created May 19, 2015 20:06
Smurf.c
Well, I suppose its `safe' to release this, it seems everyone and their dog has
it and apparantly (and to my surprise) it still works.
The `smurf' attack is quite simple. It has a list of broadcast addresses which
it stores into an array, and sends a spoofed icmp echo request to each of those
addresses in series and starts again. The result is a devistating attack upon
the spoofed ip with, depending on the amount of broadcast addresses used,
many, many computers responding to the echo request.
Before I continue may I first say that this code was a mistake. When it was
@dusk0r
dusk0r / gist:3d5b46b3ed43aae88b2d
Last active September 3, 2020 16:55
Changing Background Images using jQuery
<html>
<head>
<style type="text/css">
.bgimage {
position: fixed;
background-repeat: no-repeat;
background-position: center;
background-size: cover;
background-color: black;
width: 100%;
@takeshixx
takeshixx / hb-test.py
Last active April 14, 2025 17:04
OpenSSL heartbeat PoC with STARTTLS support.
#!/usr/bin/env python2
"""
Author: takeshix <[email protected]>
PoC code for CVE-2014-0160. Original PoC by Jared Stafford ([email protected]).
Supportes all versions of TLS and has STARTTLS support for SMTP,POP3,IMAP,FTP and XMPP.
"""
import sys,struct,socket
from argparse import ArgumentParser