molbal
/ text-to-tags.py
Created
July 13, 2024 12:21
Attunewise
/ ConvertFunctions.py
Last active
April 24, 2024 01:44
Convert OpenAI functions to system prompt that works with other LLMs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Converts OpenAI compatible function calling JSON schema to a prompt that instructs the LLM to return | |
| # a JSON object that is a choice of a function call conforming to one of the functions or a message reply | |
| def convert_schema_to_typescript(schema): | |
| if not schema: | |
| return 'any' | |
| if '$ref' in schema: | |
| return schema['$ref'].replace('#/definitions/', '') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import csv | |
| import requests | |
| import argparse | |
| from bs4 import BeautifulSoup | |
| from colorama import Fore, Style, init | |
| init(autoreset=True) | |
| known_security_vendors = [ | |
| 'symantec', 'mcafee', 'trendmicro', 'kaspersky', 'bitdefender', |
realoriginal
/ Entry.c
Created
March 29, 2023 16:40
TLDR: How a socks proxy client is written to tunnel connections from a 'teamserver' to an agent.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /*! | |
| * | |
| * RPROXICMP | |
| * | |
| * GuidePoint Security LLC | |
| * | |
| * Threat and Attack Simulation Team | |
| * | |
| !*/ |
rqu1
/ checkmk.py
Last active
August 4, 2024 16:42
check if a PAN firewall is using the default master key when globalprotect is enabled
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from hashlib import md5, sha1 | |
| from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes | |
| from cryptography.hazmat.backends import default_backend | |
| from base64 import b64encode, b64decode | |
| import sys, time | |
| import requests | |
| DEFAULT_MASTERKEY=b'p1a2l3o4a5l6t7o8' | |
| class PanCrypt(): |
zimnyaa
/ iocpipe.py
Created
February 17, 2022 11:10
Check whether an SMB pipe name for pivoting is a known IoC
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import re, sys | |
| def rule_startswith(ioc_string): | |
| def __match(pipename): | |
| if pipename.startswith(ioc_string): | |
| print("\tMATCH startswith({})".format(ioc_string)) | |
| return True | |
| return False | |
| return __match |
atucom
/ mesh-shell-server.py
Created
February 16, 2022 14:56
Meshtastic shell server for executing commands on a remote system attached to a meshtastic radio
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| #@atucom | |
| # PoC of getting a remote shell using a meshtastic radio. | |
| # this works by using the meshtastic python package and the device connected over USB serial | |
| # The long/slow transmit speed gives about 10 bytes/sec bandwidth which is crazy slow. It took 5.5mins to run 'ls -la' on my home dir | |
| # This could be further improved by the following: | |
| # - trying the short/fast mode | |
| # - creating a dedicated channel | |
| # - setting a non-default psk for encryption |
mhaskar
/ client-ipv6-generic.c
Created
January 24, 2022 00:09
DNSStager v1.0 beta agent to inject the retrived shellcode in notepad.exe and using Early Bird APC
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdint.h> | |
| #include <inttypes.h> | |
| #include <winsock2.h> | |
| #include <windns.h> | |
| #include <windows.h> | |
| #include <stdio.h> | |
| #include <tlhelp32.h> | |
z1mu
/ log4j-keywords
Last active
January 12, 2023 09:07
— forked from bugbountynights/log4j-keywords
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ${ctx:loginId} | |
| ${map:type} | |
| ${filename} | |
| ${date:MM-dd-yyyy} | |
| ${docker:containerId} | |
| ${docker:containerName} | |
| ${docker:imageName} | |
| ${env:USER} | |
| ${event:Marker} | |
| ${mdc:UserId} |
daaximus
/ ioctl_names.cpp
Last active
November 26, 2024 07:31
Most IOCTLs mapped to their code names
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| typedef struct _ioctl_t | |
| { | |
| const char* ioctl_name; | |
| uint64_t ctl_code; | |
| } ioctl_t; | |
| // This would likely be better used in some unordered map. This is just a temporary data structure for testing resolution. | |
| // | |
| // Results from NtDeviceIoControlFile hook: | |
| // utweb.exe (14916) :: NtDeviceIoControlFile( 0x65c (\Device\Afd), 0x694, 0x0000000000000000, 0x0000000000000000, 0x00000000044DEE90, 0x12024 (IOCTL_AFD_SELECT), 0x0000000004A3FC18, 0x34, 0x0000000004A3FC18, 0x34 ) |
NewerOlder