Skip to content

Instantly share code, notes, and snippets.

View hackingbutlegal's full-sized avatar
💭
I may be slow to respond.

Jackie Singh hackingbutlegal

💭
I may be slow to respond.
View GitHub Profile
@waffle2k
waffle2k / cidr2regex.py
Created April 3, 2012 18:04
Convert CIDR notation to regex
#!/usr/bin/python
''' Not my script, found on the Internet, and rediscovered on my hard drive
'''
import sys
def cidr_to_regex(cidr):
ip, prefix = cidr.split('/')
base = 0
for val in map(int, ip.split('.')):
@sneak
sneak / ipadump.php
Created November 21, 2012 19:58
ipad 3g account slurper
<?php
// iPad 3G Account Slurper
//
// Usage: ./ipadump.php ICCID-base count
// (The script generates the final checkdigit to produce ICCIDs from the entered base)
$useragent="Mozilla/5.0 (iPad)"; //Spoof as iPad
$ICCIDroot = $_SERVER['argv'][1];
$ICCIDcount = $_SERVER['argv'][2];
@Bren2010
Bren2010 / HearSay.md
Last active October 7, 2023 03:42
The HearSay P2P File Sharer

HearSay

The HearSay P2P File Sharer; a response to The Copyright Alert System, as well as several other internet regulation attempts. The goal of this project is to prove the viability of semi-anonymous and confidential file sharing. Consists of several proofs of concepts such as the formation of ad-hoc mix networks and routing throughout them while maintaining anonymity and semantic security.

However, lets be honest with ourselves for a second. Don't use this to fight an oppressive regime. I can not (and will not try) to 'prove' its security, and I

@jedisct1
jedisct1 / long-domain-names.txt
Last active November 26, 2022 19:34
Long domain names are long. Hopeless SEO, domains registered by cats and WTF domains.
1-tr-18su-ka-8dow-56-oo9-13swx-r-k-ife-0nj-rnq-ihb-dd-p-1-0-z-a.info.
292fu2013-1-2-3-htt-4t3l60-zqn673-w9gp7kip0422wemrzsftm-htm-com.info.
aljumahiriyahalarabiyahallibiyahashshabiyahalishtirakiyahaluzma.info.
anderson-piedmont-spartanburg-greenville-easley-spine-pain-care.info.
associationfrancaisedesdirecteursdelaphotographiedelatelevision.info.
audio-player-zawqkerrhfoepdnmvbdkslahgjvklahjkfqqqojcgrtsksmcls.info.
ausencosandwellascentisaaxwaynegossruddswanheinercrimemellifont.info.
australianpublicsectoranti-corruptionconference2009fraudrortsin.info.
bewarecrimestoppersassistcorruptpolicepoliticcrimecriminalfraud.info.
camp-the-lycian-way-camps-the-lycian-way-camping-lycian-way-map.info.
@SecurityDragon
SecurityDragon / MetaXtractor.py
Last active March 14, 2019 16:22
MetaXtractor is an open source intelligence tool (OSINT) for extracting Metadata from PDF-document on a website.
# -*- coding: utf-8 -*-
# ---------------------------
# H. Sonesson, Atea
# ---------------------------
from pyPdf import PdfFileWriter, PdfFileReader
import os
import urlparse
import urllib
from bs4 import BeautifulSoup
@atcuno
atcuno / gist:3425484ac5cce5298932
Last active November 8, 2024 00:20
HowTo: Privacy & Security Conscious Browsing

The purpose of this document is to make recommendations on how to browse in a privacy and security conscious manner. This information is compiled from a number of sources, which are referenced throughout the document, as well as my own experiences with the described technologies.

I welcome contributions and comments on the information contained. Please see the How to Contribute section for information on contributing your own knowledge.

Table of Contents

@duner
duner / README.md
Last active April 28, 2022 19:48
Twitter Archive to JSON

If you download your personal Twitter archive, you don't quite get the data as JSON, but as a series of .js files, one for each month (there are meant to replicate the Twitter API respones for the front-end part of the downloadable archive.)

But if you want to be able to use the data in those files, which is far richer than the CSV data, for some analysis or app just run this script.

Run sh ./twitter-archive-to-json.sh in the same directory as the /tweets folder that comes with the archive download, and you'll get two files:

  • tweets.json — a JSON list of the objects
  • tweets_dict.json — a JSON dictionary where each Tweet's key is its id_str

You'll also get a /json-tweets directory which has the individual JSON files for each month of tweets.

@taviso
taviso / delete-twitter-dm.js
Created November 3, 2017 16:33
Automate deleting twitter direct messages.
// Open direct messages window, paste this into console.
function deleteNextConversation()
{
if (!(dm = document.getElementsByClassName("DMInbox-conversationItem")[0])) {
clearInterval(tmr)
return;
}
dm.firstChild.click();
setTimeout('document.getElementsByClassName("js-actionDeleteConversation")[0].click()', 1000);
@7MinSec
7MinSec / mostly_painless_cuckoo_sandbox_install.md
Last active August 18, 2024 02:59
Mostly painless Cuckoo Sandbox install

How to Build a Cuckoo Sandbox Malware Analysis System

I had a heck of a time getting a Cuckoo sandbox running, and below I hope to help you get one up and running relatively quickly by detailing out the steps and gotchas I stumbled across along the way. I mention this in the references at the end of this gist, but what you see here is heavily influenced by this article from Nviso

Build your Linux Cuckoo VM

  1. Setup a Ubuntu 16.04 64-bit desktop VM (download here) in VMWare with the following properties:
  • 100GB hard drive
  • 2 procs
  • 8 gigs of RAM
@defensivedepth
defensivedepth / osquery-compromised-mega-chrome-ext.sql
Last active March 30, 2024 12:47
osquery query to find systems that have the compromised Mega Chrome Extension installed
-- Joins chrome_extension and users table, looks for Mega chrome identifier and specific version number; should also consider running without the version number, to find all users with Mega extension installed and then get it removed prior to it updating.
SELECT users.username,chrome_extensions.name,chrome_extensions.version,chrome_extensions.path FROM chrome_extensions JOIN users ON users.uid = chrome_extensions.uid where chrome_extensions.identifier = 'bigefpfhnfcobdlfbedofhhaibnlghod' and chrome_extensions.version = '3.39.4';