Moved to my blog.
Frank Denis jedisct1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| generate domains according to: | |
| - https://www.endgame.com/blog/malware-with-a-personal-touch.html | |
| - http://www.rsaconference.com/writable/presentations/file_upload/br-r01-end-to-end-analysis-of-a-domain-generating-algorithm-malware-family.pdf | |
| requires words1.txt and words2.txt | |
| """ | |
| import time | |
| from datetime import datetime | |
| import argparse |
jedisct1
/ docker-clean
Last active
August 29, 2015 14:14
— forked from michaelneale/docker-clean
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| remove_dangling() { | |
| echo "Removing dangling images ..." | |
| docker rmi $(docker images -f dangling=true -q) | |
| } | |
| remove_stopped_containers() { | |
| echo "Removing stopped containers ..." | |
| docker rm $(docker ps -qa) |
kmcallister
/ MOVED.md
Last active
August 29, 2015 14:07
151-byte static binary for x86-64 Linux, all code in Rust
jedisct1
/ pureftpd shellshock.txt
Last active
August 8, 2023 20:07
Pure-FTPd + external authentication handler #shellshock POC
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ cat > /tmp/handler.sh | |
| #! /bin/bash | |
| echo auth_ok:1 | |
| echo uid:42 | |
| echo gid:21 | |
| echo dir:/tmp | |
| echo end | |
| ^D | |
| $ chmod +x /tmp/handler.sh |
michaelneale
/ docker-clean
Last active
July 20, 2021 15:37
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| remove_dangling() { | |
| echo "Removing dangling images ..." | |
| docker rmi $(docker images -f dangling=true -q) | |
| } | |
| remove_stopped_containers() { | |
| echo "Removing stopped containers ..." | |
| docker rm $(docker ps -qa) |
lukaszraczylo
/ delete-hipchat-history.rb
Last active
July 13, 2021 15:43
Delete hipchat 1:1 history (WORKING)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| # To make it work: | |
| # - change account details to yours ( obviously ;) ) | |
| # - install mechanize gem in version 1.0.0 ( gem install mechanize -v '1.0.0' ) | |
| # - look for !!HERE!! comments in code in case you'd like to change default behavior | |
| # - for best results run this script few times as hipchat / ruby openssl don't play together that well and | |
| # there might be an exception thrown from time to time. Script should retry then but hey.. Nobody is perfect. | |
| # .. and finally. Remember that other part should run this script as well to make history clean. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford ([email protected]) | |
| # The author disclaims copyright to this source code. | |
| import sys | |
| import struct | |
| import socket | |
| import time | |
| import select |
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| accelerateaccountant.in.net | |
| accelerateactor.in.net | |
| accelerateactress.in.net | |
| accelerateactuary.in.net | |
| accelerateadvisor.in.net | |
| accelerateaide.in.net | |
| accelerateambassador.in.net | |
| accelerateanimator.in.net | |
| acceleratearcher.in.net | |
| acceleratearchery.in.net |
seboudry
/ latency.markdown
Last active
February 15, 2023 12:45
— forked from hellerbarde/latency.markdown
L1 cache reference ......................... 0.5 ns
Branch mispredict ............................ 5 ns on recent CPU
L2 cache reference ........................... 7 ns 14x L1 cache
Mutex lock/unlock ........................... 25 ns
Main memory reference ...................... 100 ns 20x L2 cache, 200x L1 cache
Compress 1K bytes with Zippy ............. 3,000 ns = 3 µs
Send 2K bytes over 1 Gbps network ....... 20,000 ns = 20 µs
SSD random read ........................ 150,000 ns = 150 µs
Read 1 MB sequentially from memory ..... 250,000 ns = 250 µs 4X memory
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1) Start with only one known domain from a botnet: qwmrxczhrcmbcagehqwxlvsnj.ru | |
| 2) Get the intersection of names looked up by the IPs having looked up this domain. It takes less than 1 minute. | |
| $ curl https://sgraph.umbrella.com/dnsdb/clientlookups/i/name/qwmrxczhrcmbcagehqwxlvsnj.ru | sort -rn > /tmp/a | |
| 3) Remove popular domains | |
| cut -f2 /tmp/a | filter-popular > /tmp/aa |