RoelDS roelds

@gmurdocca
gmurdocca / socat_caesar_dpi.md
Last active May 2, 2025 06:17
Circumventing Deep Packet Inspection with Socat and rot13


I have a Linux virtual machine inside a customer's private network. For security, this VM is reachable only via VPN + Citrix + Windows + a Windows SSH client (e.g. PuTTY). I am tasked to ensure this Citrix design is secure, and users cannot access their Linux VMs or other resources on the internal private network in any way outside of using Citrix.

The VM can access the internet. This task should be easy. The VM's internet gateway allows it to connect anywhere on the internet to TCP ports 80, 443, and 8090 only. Connecting to an internet bastion box on one of these ports works and I can send and receive clear text data using netcat. I plan to use good old SSH, listening on tcp/8090 on the bastion, with a reverse port forward configured to expose sshd on the VM to the public, to show their Citrix gateway can be circumvented.

Rejected by Deep Packet Inspection

I hit an immediate snag. The moment I try to establish an SSH or SSL connection over o

@veganaize
veganaize / Icons.md
Last active January 6, 2025 20:29
Site, company, and product icons for use in github markdown.

- Acrobat
- Adobe PDF
- Android (classic)
- Android (modern)
- Apple (classic)
- Apple (modern)
- Arch

@lukechilds
lukechilds / install-cross-platform-emulators.md
Created October 25, 2022 06:14
Install cross platform emulators for Docker

Installs all cross platform emulators for use with docker buildx

docker run -it --rm --privileged tonistiigi/binfmt --install all
@mklement0
mklement0 / Get-WinError.ps1
Last active May 2, 2025 01:48
PowerShell function that looks up information about Windows errors, including HRESULT values, by number or name.
<#
Prerequisites: Windows PowerShell v5.1 or PowerShell Core (v6+)
License: MIT
Author: Michael Klement <[email protected]>
DOWNLOAD and INSTANT DEFINITION OF THE FUNCTION:
irm https://gist.github.com/mklement0/0fc086da1af9a72a94cbdb4a59d55230/raw/Get-WinError.ps1 | iex
@mklement0
mklement0 / ConvertTo-BodyWithEncoding.ps1
Last active September 22, 2024 04:40
PowerShell function that converts the raw body of a web-request response to a string based on the given character encoding.
<#
Prerequisites: Windows PowerShell v5.1 and PowerShell (Core), on all supported platforms. (May work in earlier versions.)
License: MIT
Author: Michael Klement <[email protected]>
DOWNLOAD and INSTANT DEFINITION OF THE FUNCTION:
irm https://gist.github.com/mklement0/209a9506b8ba32246f95d1cc238d564d/raw/ConvertTo-BodyWithEncoding.ps1 | iex
@roelds
roelds / keybase.md
Created December 4, 2022 01:59
keybase.md

Keybase proof

I hereby claim:

  • I am roelds on github.
  • I am roelds (https://keybase.io/roelds) on keybase.
  • I have a public key ASB7yu-JsK3LuohfgbPbkgUTq2Puwwp6xEM8cGVBZWGl8go

To claim this, I am signing this object:

@alexander-hanel
alexander-hanel / README.md
Created December 27, 2022 21:22
The Fundamentals of Sharing for Malware Analyst

Originally created on 2016-11-06


In most organizations, malware analysts are tasked with producing a deliverable derived from static or dynamic analysis. The deliverable could be to extract indicators, understand functionality, write a report or something similar. During this process the analyst will create a number of files and artifacts. These files could be IDBs, memory dumps, YARA signatures, decoder scripts, pcaps, notes, etc. Once the task has been completed, the analyst submits their deliverable and then moves on. In many organizations the files and artifacts are not stored in a way that is accessible to others, which is a shame. Having the data and analysis accessible to others has many benefits.

  1. Promotes sharing of processes and knowledge between analysts.
  2. Removes duplication of labor by allowing analysts to build off of previous research and analysis.
  3. Intellectual property and artifacts are not lost when an analyst leaves the organiz
@roelds
roelds / forkware.sh
Last active January 1, 2023 06:45
forkware - fish shell script : local clone latest git repo for line changes via yaml
#!/usr/bin/fish
#v1.0
echo $argv
set src (yq '.therepo' forkware.yaml)
set host (yq '.hosted' forkware.yaml)
set rel (yq '.release' forkware.yaml)
set meth (yq '.method' forkware.yaml)
echo $src
@roelds
roelds / forkware.yaml
Created January 1, 2023 07:55
forkware - yaml : used by forkware - fish shell script
# forkware.yaml
# hosted is github or gitlab
# latest or tag, clone or fork
# n is new line after, r is replace line, b is new line before, i is insert, a is append
---
therepo: prometheus/prometheus
hosted: github
release: latest
method: clone
files:
@roelds
roelds / get_latest_release_tagname.sh
Last active September 9, 2023 18:17
Shell - Get latest release tag name from GitLab or GitHub
# for GitHub:
# use this for name:
VERNAME=$(wget -q -O- https://api.github.com/repos/roelds/litaf/releases/latest | jq -r '.name')
# or this for tag name, if jq installed:
VERTAG=$(wget -q -O- https://api.github.com/repos/roelds/litaf/releases/latest | jq -r '.tag_name')
# or if jq not installed:
curl --silent "https://api.github.com/repos/roelds/litaf/releases/latest" | grep -Po "(?<=\"tag_name\": \").*(?=\")"
# latest release tag name, for GitLab:
curl -s https://gitlab.com/gitlab-org/cli/-/releases/permalink/latest | grep -m1 -Eo "releases/[^/]+\"" | awk 'BEGIN { FS="/" } {print $2}' | rev | cut -c2- | rev