Skip to content

Instantly share code, notes, and snippets.

View arthusu's full-sized avatar

arthusu

46 followers · 607 following
View GitHub Profile
@tehryanx
tehryanx / trufflehog.json
Last active June 3, 2022 08:26
High signal patterns from trufflehog refactored to work with tomnomnom's gf
{
"flags": "-HnriE",
"patterns": [
"(xox[p|b|o|a]-[0-9]{12}-[0-9]{12}-[0-9]{12}-[a-z0-9]{32})",
"-----BEGIN RSA PRIVATE KEY-----",
"-----BEGIN DSA PRIVATE KEY-----",
"-----BEGIN EC PRIVATE KEY-----",
"-----BEGIN PGP PRIVATE KEY BLOCK-----",
"AKIA[0-9A-Z]{16}",
"amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}",
@nullenc0de
nullenc0de / passwords.txt
Last active March 27, 2024 23:46
August1
August123
August20
August20!
August2020
August2020!
August@20
August@2020
Autumn1
Autumn123
@ducnp
ducnp / DataSources.csv
Created June 30, 2019 19:58
MITRE - ATT&CK
TechniqueID Data Source
Technique/T1001 Packet capture,Process use of network,Process monitoring,Network protocol analysis
Technique/T1002 File monitoring,Binary file metadata,Process command-line parameters,Process monitoring
Technique/T1003 API monitoring,Process command-line parameters,Process monitoring,PowerShell logs
Technique/T1004 Windows Registry,File monitoring,Process monitoring
Technique/T1005 File monitoring,Process monitoring,Process command-line parameters
Technique/T1006 API monitoring
Technique/T1007 Process command-line parameters,Process monitoring
Technique/T1008 Packet capture,Netflow/Enclave netflow,Malware reverse engineering,Process use of network,Process monitoring
Technique/T1009
@0xbug
0xbug / docker-awvs.md
Last active August 9, 2020 15:55

宿主机

docker run -ti --name=awvs -v /tmp/awvs:/tmp/awvs ubuntu

acunetix_trial.shpatch_awvs 放到宿主机 /tmp/awvs 目录下

进入容器内

apt-get install sudo libxdamage1 libgtk-3-0 libasound2 libnss3 libxss1 libx11-xcb-dev -y
@akabe1
akabe1 / frida_multiple_unpinning.js
Last active July 10, 2025 13:12
Another Android ssl certificate pinning bypass for various methods
/* Android ssl certificate pinning bypass script for various methods
by Maurizio Siddu
Run with:
frida -U -f <APP_ID> -l frida_multiple_unpinning.js [--no-pause]
*/
setTimeout(function() {
Java.perform(function() {
console.log('');
@EdOverflow
EdOverflow / ghcheck
Created April 6, 2019 15:26
Quickly determine the validity and scope of a GitHub access token.
#!/bin/bash
GREEN='\033[0;32m'
RED='\033[0;31m'
END='\033[0m'
request=$(curl -s -u "hehe:$1" https://api.github.com/user)
name=$(echo "$request" | jq -r ".login" 2> /dev/null)
if [[ $name == "null" ]]; then
echo -e "${RED}Not a GitHub access token.${END}"
@nullenc0de
nullenc0de / params.txt
Created March 29, 2019 00:57
List of parameters for content discovery
0
1
11
12
13
14
15
16
17
2
@random-robbie
random-robbie / params.txt
Last active May 2, 2022 05:19
0
1
11
12
13
14
15
16
17
2
@Neo23x0
Neo23x0 / TI-Search-Shortcuts.md
Last active February 18, 2022 13:00
Search Engine Shortcuts

Search Engine Shortcuts

Use Manage Search Engines in your browser to add these search engines. You can then use the 'keyword' in the URL bar to do a quick lookup. Find more details about managing your search engines in Chrome here.

e.g. Type

v dad8ebcbb5fa6721ccad45b81874e22c
@mala
mala / CVE-2019-5418_is_RCE.md
Last active June 26, 2025 03:41
Rails の CVE-2019-5418 は RCE (Remote code execution) です