Skip to content

Instantly share code, notes, and snippets.

View dustyfresh's full-sized avatar
👽

Dustin dustyfresh

👽
138 followers · 103 following
View GitHub Profile
@yassineaboukir
yassineaboukir / List of API endpoints & objects
Last active September 24, 2025 15:54
A list of 3203 common API endpoints and objects designed for fuzzing.
0
00
01
02
03
1
1.0
10
100
1000
@readmeexe
readmeexe / tvd.py
Last active October 1, 2020 00:15
#!/usr/bin/env python3
# Decrypt Teamviewer Passwords from exported registry file
# Usage: python tvd.py Teamviewer_Settings.reg
# Modified by readmeexe
#
# CVE-2019-18988
# Original Author @whynotsecurity
# https://whynotsecurity.com/blog/teamviewer/
import sys, hexdump, binascii
@RienNeVaPlus
RienNeVaPlus / letsencrypt-certbot-arangodb.md
Last active February 28, 2024 12:31
Using Let's Encrypt's Certbot SSL-Certificates with ArangoDB

Using Let's Encrypt's Certbot Certificates with ArangoDB

Let's Encrypt generates SSL certificates for free.
Follow these steps to create and use an SSL certificate with ArangoDB.

1. Install the Certbot from LetsEncrypt (Certbot instructions)

sudo apt-get update
sudo apt-get install software-properties-common
@muff-in
muff-in / resources.md
Last active November 16, 2025 15:57
A curated list of Assembly Language / Reversing / Malware Analysis / Game Hacking-resources
@veorq
veorq / paperwriting.md
Last active August 28, 2023 01:19
Recommended reading for writers of research papers
@jfmaes
jfmaes / ssl-scraper.py
Last active September 10, 2021 16:52
extract hostnames based on SSL certificates
#!/usr/bin/python
import requests
from socket import *
from requests.packages.urllib3.contrib import pyopenssl as reqs
from requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
import argparse
import ipaddress
#import asyncio
@superducktoes
superducktoes / Callback Domains log4j
Last active March 5, 2025 13:05
Callback Domains log4j
ldap://e2216d7a9a31.bingsearchlib.com:39356/a
ldap://612877d3a59b.bingsearchlib.com:39356/a
ldap://205.185.115.217:47324/a
ldap://ab3419ba1f45.bingsearchlib.com:39356/a
ldap://193.3.19.159:53/c
ldap://ea62856c5fc3.bingsearchlib.com:39356/a
ldap://43065f484327.bingsearchlib.com:39356/a
ldap://5486b6edd688.bingsearchlib.com:39356/a
ldap://92d27039ede4.bingsearchlib.com:39356/a
ldap://45cecd2f38ca.bingsearchlib.com:39356/a
@SwitHak
SwitHak / 20211210-TLP-WHITE_LOG4J.md
Last active October 14, 2025 08:35
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

  • If you want to add a link, comment or send it to me
  • Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

  • Royce Williams list sorted by vendors responses Royce List
  • Very detailed list NCSC-NL
  • The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List
@adulau
adulau / http2-rapid-reset-ddos-attack.md
Last active November 9, 2024 10:01
HTTP/2 Rapid Reset DDoS Attack

Introduction

This Gist aims to centralise the most relevant public sources of information related to the HTTP/2 Rapid Reset vulnerability. This vulnerability has been disclosed jointly by Google, Amazon AWS, and Cloudflare on 10 October 2023 at 12:00 UTC.

Please help us make this page as comprehensive as possible by contributing relevant references, vendor advisories and statements, mitigations, etc.

References

@xen0bit
xen0bit / Dockerfile
Created October 11, 2023 04:19
CVE-2023-38545
FROM debian:latest
RUN apt-get update && apt-get install -y \
git \
build-essential \
wget \
python3
WORKDIR /build