Skip to content

Instantly share code, notes, and snippets.

View habib26-14's full-sized avatar

habib26-14

19 followers · 172 following
  • moroccan school of engineering sciences
View GitHub Profile
@rain-1
rain-1 / WorLLMs.md
Last active January 24, 2024 09:05
WorLLMs

Could an LLM end up being the core part of a dangerous computer worm?

How would we neutralize such a thing if this happened?

Some virus and worm background

There is a hilarious story from https://users.cs.utah.edu/~elb/folklore/xerox.txt about an early computer virus called robin hood and friar tuck. This was basically just two programs running on a UNIX system that would look out for each other and reboot the other process if it was killed. It's interesting to note that since computer programs run thousands of times faster than humans, a human can't type kill -9 robinhood then type kill -9 friartuck in time. The computer is faster so it always wins if you try this. To defeat this you need to take a different approach than speed.

@ufrisk
ufrisk / memprocfs_example.ipynb
Created March 5, 2023 17:58
MemProcFS example Jupyter Notebook
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@0xSojalSec
0xSojalSec / mutation_a.txt
Created February 12, 2023 17:19 — forked from hackerscrolls/mutation_a.txt
Mutation points in <a> tag for WAF bypass
<a[1]href[2]=[3]"[4]java[5]script:[6]alert(1)">
[1]
Bytes:
\x09 \x0a \x0c \x0d \x20 \x2f
<a/href="javascript:alert(1)">
<a\x09href="javascript:alert(1)">
[2,3]
@N7WEra
N7WEra / field-config.yaml
Last active April 7, 2025 00:19
Kitana custom field
- name: awss3
type: regex
regex:
- '[a-zA-Z0-9.-]+\.s3\.amazonaws\.com'
- 's3://([^/]+)'
- '[a-zA-Z0-9.-]+.s3\.[a-zA-Z0-9.-]+\.amazonaws\.com'
- '[a-zA-Z0-9.-]+\.s3-website-[a-z0-9-]+\.amazonaws\.com'
- '[a-zA-Z0-9.-]+\.s3\.amazonaws\.com'
- name: awsapps
@stong
stong / CleanBoot.java
Last active January 27, 2024 11:35
Real World CTF 2023: Dark Portal Writeup
package org.mapleir;
import org.mapleir.app.client.SimpleApplicationContext;
import org.mapleir.app.service.ApplicationClassSource;
import org.mapleir.app.service.InstalledRuntimeClassSource;
import org.mapleir.asm.ClassHelper;
import org.mapleir.asm.ClassNode;
import org.mapleir.asm.MethodNode;
import org.mapleir.context.AnalysisContext;
import org.mapleir.context.BasicAnalysisContext;
@ruevaughn
ruevaughn / 1_top+hacker_methodologies.md
Last active April 2, 2025 17:36
Hacker Methodologies & Tools (NEW)

The Top Hacker Methodologies & Tools Notes

By Chase. ** *

Nuclei Templates

Concrete5 CMS : Identification, Mass Hunting, Nuclei Template Writing & Reporting

@terjanq
terjanq / HTPL-solution.html
Last active November 6, 2022 22:11
Hack.lu 2022 CTF solutions
<!--
This was a sandboxing challenge where the JS language is presenteded in the form of exotic, made-up language.
It's almost properly sandboxed but there is one bug that players needed to find.
The bug I found was to construct HTML comment (<!--) that is understood by JS and which makes it possible to ignore one semicolon
and then to concat array expression with variable name, like $var$['eval']. To get reference to eval we used DOM clobbering
and defined <iframe name=$win$>
-->
<iframe name=$win$></iframe>
<x-program>
@isaqueprofeta
isaqueprofeta / siem_training.md
Last active March 31, 2025 06:44
SIEM Training
@h4x0r-dz
h4x0r-dz / Generic keys
Created May 5, 2022 09:15
(?i)((access_key|access_token|admin_pass|admin_user|algolia_admin_key|algolia_api_key|alias_pass|alicloud_access_key|amazon_secret_access_key|amazonaws|ansible_vault_password|aos_key|api_key|api_key_secret|api_key_sid|api_secret|api.googlemaps AIza|apidocs|apikey|apiSecret|app_debug|app_id|app_key|app_log_level|app_secret|appkey|appkeysecret|application_key|appsecret|appspot|auth_token|authorizationToken|authsecret|aws_access|aws_access_key_id|aws_bucket|aws_key|aws_secret|aws_secret_key|aws_token|AWSSecretKey|b2_app_key|bashrc password|bintray_apikey|bintray_gpg_password|bintray_key|bintraykey|bluemix_api_key|bluemix_pass|browserstack_access_key|bucket_password|bucketeer_aws_access_key_id|bucketeer_aws_secret_access_key|built_branch_deploy_key|bx_password|cache_driver|cache_s3_secret_key|cattle_access_key|cattle_secret_key|certificate_password|ci_deploy_password|client_secret|client_zpk_secret_key|clojars_password|cloud_api_key|cloud_watch_aws_access_key|cloudant_password|cloudflare_api_key|cloudflare_auth_k
@Purp1eW0lf
Purp1eW0lf / Sysmon_Lab.ps1
Last active December 16, 2024 16:16
<#
Meta
Date: 2022 March 28th
Updated: 2023 October 6th
Authors: Dray Agha (Twitter @purp1ew0lf), Dipo Rodipe (Twitter @dipotwb)
Company: Huntress Labs
Purpose: Automate setting up Sysmon and pulling Ippsec's sysmon IoC streamliner. Great for malware lab.
#>
################################################################################################################