Skip to content

Instantly share code, notes, and snippets.

View VoidSec's full-sized avatar
🐲
Developing an exploit

Paolo Stagno VoidSec

🐲
Developing an exploit
612 followers · 35 following
View GitHub Profile
@VoidSec
VoidSec / gist:7c28f14d28a16fda553c
Created July 14, 2015 08:34
keybase.md
### Keybase proof
I hereby claim:
* I am VoidSec on github.
* I am voidsec (https://keybase.io/voidsec) on keybase.
* I have a public key whose fingerprint is 4ACF D42C C873 B737 114B DB7A 9A3A DBB7 EB98 B63E
To claim this, I am signing this object:
@VoidSec
VoidSec / [LPE]VirIT_Explorer_v.8.1.68.c
Last active May 18, 2016 16:41
VirIT Explorer v.8.1.68 Local Privilege Escalation (System)/Arbitrary Code Execution
/*
Full title: VirIT Explorer Lite & Pro v.8.1.68 Local Privilege Escalation (System)/Arbitrary Code Execution
Exploit Author: Paolo Stagno - [email protected]
Vendor Homepage: http://www.tgsoft.it
Version: VirIT Explorer Lite & Pro v.8.1.68
Tested on: Windows 7
CVE: TBD
CVSS v2: 6.8 (AV:L/AC:L/Au:S/C:C/I:C/A:C/E:H/RL:U/RC:C) - https://nvd.nist.gov/cvss.cfm?calculator&version=2&vector=%28AV:L/AC:L/Au:S/C:C/I:C/A:C/E:H/RL:U/RC:C%29
Category: local exploits
Platform: windows
@VoidSec
VoidSec / keybase.md
Created September 12, 2019 08:20

Keybase proof

I hereby claim:

  • I am voidsec on github.
  • I am voidsec (https://keybase.io/voidsec) on keybase.
  • I have a public key ASAAkzkIA7goEHg_eaBkkY7Su27pQuYRf-NtZkQbBID1uAo

To claim this, I am signing this object:

@VoidSec
VoidSec / DPRK-Breach-Checker.ps1
Last active January 29, 2021 08:22
DPRK Breach Checker based on Google TAG's IOCs
# Updated on 29/01/2021
# IOCs from Google TAG https://blog.google/threat-analysis-group/new-campaign-targeting-security-researchers/
# IOCs from Microsoft MSTIC https://www.microsoft.com/security/blog/2021/01/28/zinc-attacks-against-security-researchers/
# Checks the registry, if not compromised each test will return "ERROR: The system was unable to find the specified registry key or value."
reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\KernelConfig"
reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\DriverConfig"
reg query "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SSL Update"
# Checks the following paths, if not compromised each test will return false
@VoidSec
VoidSec / idapython_cheatsheet.md
Created October 18, 2021 14:44 — forked from icecr4ck/idapython_cheatsheet.md
Cheatsheet for IDAPython
@VoidSec
VoidSec / requests_api.py
Created February 21, 2023 15:26 — forked from stefansundin/requests_api.py
Reusable class for Python requests library.
# http://docs.python-requests.org/en/master/api/
import requests
class RequestsApi:
def __init__(self, base_url, **kwargs):
self.base_url = base_url
self.session = requests.Session()
for arg in kwargs:
if isinstance(kwargs[arg], dict):
kwargs[arg] = self.__deep_merge(getattr(self.session, arg), kwargs[arg])
@VoidSec
VoidSec / clean_twitter_interest.txt
Created September 30, 2024 14:03
Remove/clean Twitter interests
1. navigate to: https://x.com/settings/your_twitter_data/twitter_interests
2. run the following script in the browser console:
```
javascript:(function clickCheckedItems(){let i=document.querySelectorAll("input[type='checkbox']:checked");if(i.length>0){i.forEach((w,n)=>{if(n<15){setTimeout(()=> w.click(),Math.random()*6000+1000);}});setTimeout(clickCheckedItems,15000);}})();
```