- Metaspoit: Penetration testing software
- BeEF: The Browser Exploitation Framework
- PTF: Penetration Testers Framework
- Bettercap: MITM framework
- Nessus: Vulnerability scanner
- AutoNessus: Auto Nessus
- BDFProxy: Patch Binaries via MITM (BackdoorFactory)
- Xplico: Network Forensic Analysis Tool (eg. parse pcap file)
#################################################################### | |
#Python program to convert temperature from either Fahrenheit to # | |
#Celsius or vise-versa. This is a very simple function example. # | |
# # | |
#################################################################### | |
def convert(temp, unit): | |
unit = unit.lower() | |
if unit == "c": |
#!/bin/bash | |
# | |
# CloudyGamerLauncher by Larry Gadea | |
# Easily start/stop Paperspace and Parsec instances | |
# | |
# Make sure to fill out the variables below. For the machine name, use the | |
# 8-letter identifier for the machine on Paperspace (ex. PS8RGDUY) | |
PAPERSPACE_EMAIL='' | |
PAPERSPACE_PASSWORD='' |
function transfer | |
if test (count $argv) -eq 0 | |
echo "No arguments specified. Usage:\necho transfer /tmp/test.md\ncat /tmp/test.md | transfer test.md" | |
return 1 | |
end | |
## get temporarily filename, output is written to this file show progress can be showed | |
set tmpfile ( mktemp -t transferXXX ) | |
## upload stdin or file |
#!/bin/zsh | |
# Defines transfer alias and provides easy command line file. | |
# | |
# Authors: | |
# Remco Verhoef <[email protected]> | |
# Prajjwal Singh <[email protected]> | |
# | |
# Dependencies: | |
# * curl |
import requests | |
import re | |
from glob import glob # Google this. It's really good! | |
from os.path import basename, join # Basename removes the path part of a file, returning only the filename. Can also handle urls. | |
from concurrent.futures import ThreadPoolExecutor # For our concurrent downloads in download_many. | |
def get_urls(data, pattern): | |
urls = pattern.findall(data.text) | |
endings = ['.pdf', '.mobi', '.epub'] |
"Give Me CRX" (https://chrome.google.com/webstore/detail/give-me-crx/acpimoebmfjpfnbhjgdgiacjfebmmmci) contains a virus hidden in the source code.
Hidden Virus
Reviewer "Adam Carbonell" (link) first discovered existence of the malware. He mentioned that icon2.png
contains malicious code.
bg.js (last modified 11/11/2016) extracts the code by reading icon2.png
(last modified 11/10/2016) as text, extracting data between init>
and <end
strings (I assume a PNG comment), and xor-ing it with char ^ 77
.
The resulting text is then run as Javascript. I think around 24 hours after extension installation, every tab will have <script src='hXXp//s3.eu-central-1.amazonaws.com/forton/give_me_crx.js'>
injected whenever "chrome.tabs.onUpdated".
#!/bin/bash | |
if [ "$1" = "-h" -o "$1" = "--help" -o -z "$1" ]; then cat <<EOF | |
appify v3.0.1 for Mac OS X - http://mths.be/appify | |
Creates the simplest possible Mac app from a shell script. | |
Appify takes a shell script as its first argument: | |
`basename "$0"` my-script.sh |
" Use Vim settings, rather then Vi settings (much better!). | |
" This must be first, because it changes other options as a side effect. | |
set nocompatible | |
" ================ General Config ==================== | |
set number "Line numbers are good | |
set backspace=indent,eol,start "Allow backspace in insert mode | |
set history=1000 "Store lots of :cmdline history | |
set showcmd "Show incomplete cmds down the bottom |
We used Niftydrive with Sandisk 128gb UHS-I Micro SD Card and this config to allocate more space for Macbooks with small ssd drives. For 128gb and 256gb models this is a lot more space.
Save yourself the trouble and don't try to buy UHS-II cards since they don't have better performance vs UHS-I in Mac.
Please use Filevault encryption in your main hard-drive. This setup makes it easy to use Time machine backups to the contents of the SD card too.