@0xabad1dea
0xabad1dea / phppasswordfunctions.txt
Last active December 14, 2015 17:09
List of PHP functions that take password or key arguments
Here is a huge list of functions listed in the PHP manual which take an argument
which contains sensitive data, either directly or as an array element. Use it to
"audit" for statically embedded passwords in "your" codebase. Some of these are
very obscure/deprecated/whatever. The ones with "construct" in the name are
classes called in source like new foo("password");...
http://php.net/manual/en/function.hash-hmac.php
http://www.php.net/manual/en/function.curl-setopt.php
anonymous
anonymous / _vdbbin
Created February 3, 2014 23:44
#compdef vdbbin
# DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
# Version 2, December 2004
#
# Copyright (C) 2004 Sam Hocevar <[email protected]>
#
# Everyone is permitted to copy and distribute verbatim or modified
# copies of this license document, and changing it is allowed as long
# as the name is changed.
#
@HockeyInJune
HockeyInJune / Exploitation
Created February 16, 2014 01:07
Here are the tutorials we ran in #tutorials on IRC for CSAW CTF 2013.
04:28 -!- mode/#tutorials [+m] by HockeyInJune
04:28 <~HockeyInJune> Okay, we'll be starting again in a second.
04:29 <~HockeyInJune> Exploitation 1 is next at 19 votes.
04:29 <~HockeyInJune> Let's do that one.
04:29 <~HockeyInJune> You'll need IDA Demo and a Text Editor.
04:29 <~HockeyInJune> https://www.hex-rays.com/products/ida/support/download_demo.shtml
04:29 <~HockeyInJune> http://www.sublimetext.com/
04:31 <~HockeyInJune> Oh, isn't this a great song?
04:31 <~HockeyInJune> Alright, let's get started.
04:31 <~HockeyInJune> The times they are a-changin'
Blog post: Ryan Huber - Distributed Security Alerting
https://medium.com/several-people-are-coding
Video: Zane Lackey - Building a Modern Security Organization
https://duo.com/blog/duo-tech-talk-building-a-modern-security-engineering-organization
Krebs on Security Blog
https://www.krebsonsecurity.com
Sony Breach
@alirobe
alirobe / reclaimWindows10.ps1
Last active November 15, 2024 12:08
This Windows 10 Setup Script turns off a bunch of unnecessary Windows 10 telemetry, bloatware, & privacy things. Not guaranteed to catch everything. Review and tweak before running. Reboot after running. Scripts for reversing are included and commented. Fork of https://github.com/Disassembler0/Win10-Initial-Setup-Script (different defaults). N.…
###
###
### UPDATE: For Win 11, I recommend using this tool in place of this script:
### https://christitus.com/windows-tool/
### https://github.com/ChrisTitusTech/winutil
### https://www.youtube.com/watch?v=6UQZ5oQg8XA
### iwr -useb https://christitus.com/win | iex
###
###
😒🙅🙄
$thing for fun and profit
all your $thing are belong to $shutup
honey I $verbed the $thing
$thing demystified
$thing: a deep dive
$verb all the things
make $thing great again
$x and $y and $z, oh my!
@worawit
worawit / eternalblue7_exploit.py
Last active November 1, 2024 23:12
Eternalblue exploit for Windows 7/2008
#!/usr/bin/python
# This file is no longer updated. Please see https://github.com/worawit/MS17-010
from impacket import smb
from struct import pack
import sys
import socket
'''
EternalBlue exploit for Windows 7/2008 by sleepya
The exploit might FAIL and CRASH a target system (depending on what is overwritten)
@wdormann
wdormann / disable_ddeauto.reg
Last active October 1, 2024 17:10
Disable DDEAUTO for Outlook, Word, OneNote, and Excel versions 2010, 2013, 2016
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Word\Options]
"DontUpdateLinks"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Word\Options]
"DontUpdateLinks"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Word\Options]
"DontUpdateLinks"=dword:00000001
https://apps.fcc.gov/edocs_public/attachmatch/DOC-332911A1.pdf
https://archives.fbi.gov/archives/newark/press-releases/2011/former-at-t-contractor-arrested-charged-with-unauthorized-access-of-servers
https://www.justice.gov/archive/opa/pr/2009/January/09-at-033.html
https://www.justice.gov/archive/usao/nj/Press/files/pdffiles/2008/Craig%20Filed%20Complaint.pdf
https://www.justice.gov/usao-ndal/pr/former-wireless-phone-company-employees-charged-selling-customer-information
http://www.al.com/news/birmingham/index.ssf/2017/03/former_gardendale_att_employee.html
http://fortune.com/2016/09/27/verizon-phone-records-breach/
https://www.databreaches.net/fl-call-center-employee-and-7-others-charged-in-id-theft-fraud-scheme-involving-att-customer-info/
https://www.fbi.gov/contact-us/field-offices/miami/news/press-releases/first-defendant-sentenced-in-identity-theft-fraud-scheme-involving-personal-identifying-information-from-at-t-customer-files
http://www.latimes.com/business/technology/la-fi-tn-verizon-data-20170712-s
@olliencc
olliencc / WindowsVEHusingProcEnumandCount.cpp
Created January 2, 2022 10:25
Enumerates processes which use VEH via their PEB and then counts the number of VEHs present
/*
VEH misuse detector for Microsoft Windows
Released as open source by NCC Group Plc - http://www.nccgroup.com/
Developed by Ollie Whitehouse, ollie dot whitehouse at nccgroup dot com
Released under AGPL see LICENSE for more information
*/