Skip to content

Instantly share code, notes, and snippets.

@bridgeythegeek
bridgeythegeek / MyFirstPANDA.md
Last active August 15, 2023 10:48
My First PANDA

My First PANDA

Introduction

Being someone who tries to play a lot with Windows memory, I really wanted to play with PANDA, but I was slightly scared because I'd never touched qemu before - all my experience had been with VirtualBox and VMware.

My goal was to install PANDA into a (relatively) clean install of Debian 8 'Jessie', capture a recording and successfully run a PANDA plugin.

1. Get PANDA

@aparrish
aparrish / understanding-word-vectors.ipynb
Last active November 9, 2024 12:16
Understanding word vectors: A tutorial for "Reading and Writing Electronic Text," a class I teach at ITP. (Python 2.7) Code examples released under CC0 https://creativecommons.org/choose/zero/, other text released under CC BY 4.0 https://creativecommons.org/licenses/by/4.0/
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@fox-srt
fox-srt / decode_shadowpad_dns.py
Last active April 18, 2023 15:42
Netsarang backdoor DNS payload decrypter
#!/usr/bin/env python
"""
Netsarang backdoor DNS payload decrypter
file: decode_shadowpad_dns.py
author: Fox-IT Security Research Team <[email protected]>
Usage:
$ cat dns.txt
sajajlyoogrmkllmuoqiyaxlymwlvajdkouhkdyiyolamdjivho.cjpybuhwnjgkhllm.nylalobghyhirgh.com
@lukassup
lukassup / zipapp.md
Last active September 12, 2023 02:17
Python zipapp

Python zipapp web apps

What's a zipapp?

This concept is very much like .jar or .war archives in Java.

NOTE: The built .pyz zipapp can run on both Python 2 & 3 but you can only build .pyz zipapps with Python 3.5 or later.

Initial setup

@ityonemo
ityonemo / test.md
Last active October 25, 2024 15:24
Zig in 30 minutes

A half-hour to learn Zig

This is inspired by https://fasterthanli.me/blog/2020/a-half-hour-to-learn-rust/

Basics

the command zig run my_code.zig will compile and immediately run your Zig program. Each of these cells contains a zig program that you can try to run (some of them contain compile-time errors that you can comment out to play with)

@Neo23x0
Neo23x0 / log4j_rce_detection.md
Last active September 11, 2024 21:41
Log4j RCE CVE-2021-44228 Exploitation Detection

log4j RCE Exploitation Detection

You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228

Grep / Zgrep

This command searches for exploitation attempts in uncompressed files in folder /var/log and all sub folders

sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log