
@clubby789
clubby789 / fuzz.py
Created September 4, 2020 23:03
Pwntools-based format string fuzzer
from pwn import *
context.arch = "amd64"  # Change as applicable
e = ELF("./format")  # Binary name
p = process(e.path)
l = p.libc  # Load libc, initialised with correct values
rev = {value: key for (key, value) in l.sym.items()}  # Flip sym:addr dict
def exec_fmt(pl):
    p.sendline(pl)
    return p.clean()

Trick to stay king on a TryHackMe King of the Hill (KOTH) box.

Method 1

#!/bin/bash
while :
do
        eval "echo [usernameHere] >> /root/king.txt"
        eval " > /root/king.txt"
done
@muff-in
muff-in / resources.md
Last active April 16, 2025 15:12
A curated list of Assembly Language / Reversing / Malware Analysis / Game Hacking-resources
@emaldonadot
emaldonadot / LinuxKernelModule_P1.md
Last active February 26, 2023 06:29
Writing a Linux Loadable Kernel Module

Kernel modules are programs that work a little differently from regular applications. They don't have a main function that serves as the entry point; instead, they respond to events.

Kernel modules are programs that extend the kernel; they can be loaded and unloaded on demand without having to rebuild the entire kernel.

The following commands allow you to manage loadable kernel modules:

List the loaded modules:

lsmod

Setup tor proxy on Arch Linux

Copied from this article.

Installation

  1. Install tor

         $ sudo pacman -S tor
         $ # nyx provides a terminal status monitor for bandwidth usage, connection details and more.
         $ sudo pacman -S nyx

@sharpicx
sharpicx / title.js
Last active February 15, 2022 06:05
simple scrolling title script.
var msg = " empty name -"; // fill this string
msg = " simple scroll -" + msg;
var position = 0;
function puter() { // simple scroll function: rotate the title by one character each tick
  document.title = msg.substring(position, msg.length) + msg.substring(0, position);
  position++;
  if (position > msg.length) position = 0;
  window.setTimeout(puter, 50); // pass the function itself instead of a string to be eval'd
}
puter();
@adamczi
adamczi / load.py
Last active October 30, 2023 11:01
CVE-2020-1747 PyYAML PoC
# pyyaml==5.3 required. Vulnerability has been fixed in 5.3.1
# More: ret2libc's report in https://github.com/yaml/pyyaml/pull/386
# Explanation: https://2130706433.net/blog/pyyaml/
from yaml import *
with open('payload.yaml', 'rb') as f:
    content = f.read()
data = load(content, Loader=FullLoader)  # Using vulnerable FullLoader
@ssstonebraker
ssstonebraker / Active Directory Attacks.md
Last active January 15, 2025 00:06
Active Directory Attacks #oscp
#############################
########## Bindings
#############################
# Set the prefix to `ctrl + a` instead of `ctrl + b`
unbind C-b
set-option -g prefix C-a
bind-key C-a send-prefix
# Automatically set window title
@asadasivan
asadasivan / burp_defaults_combined.json
Created February 14, 2020 22:18
Burp Default Configuration file
{
  "project_options": {
    "connections": {
      "hostname_resolution": [],
      "out_of_scope_requests": {
        "advanced_mode": false,
        "drop_all_out_of_scope": false,
        "exclude": [],
        "include": [],
        "scope_option": "suite"