Metadata in PDF files can be stored in at least two places:
- the Info Dictionary, a limited set of key/value pairs
- XMP packets, which contain RDF statements expressed as XML
Slim Shady slim8shady9
UniIsland
/ SimpleHTTPServerWithUpload.py
Created
August 14, 2012 04:01
Simple Python Http Server with Upload
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| """Simple HTTP Server With Upload. | |
| This module builds on BaseHTTPServer by implementing the standard GET | |
| and HEAD requests in a fairly straightforward manner. | |
| """ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| continue | |
| dir=/var/www/downloads | |
| file-allocation=falloc | |
| max-connection-per-server=4 | |
| max-concurrent-downloads=2 | |
| max-overall-download-limit=0 | |
| min-split-size=25M | |
| rpc-allow-origin-all=true | |
| rpc-secret=YouShouldChangeThis | |
| input-file=/var/tmp/aria2c.session |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import requests | |
| import json | |
| import re | |
| import datetime | |
| import sys | |
| import matplotlib as mpl | |
| mpl.use('Agg') | |
| import matplotlib.pyplot as plt | |
| from math import cos, sin, pi |
0x27
/ lunixui.py
Created
October 6, 2015 23:56
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python2 | |
| # coding: utf-8 | |
| # Example of how not to code PHP... Not a serious exploit, just one for fun as | |
| # an example of how fucking badly people screw up. Picked an app while githubbin' | |
| # and heres the ruinage. | |
| # Exploits trivial command injection, followed by abusing the lolsudo implemented. | |
| # Seriously, this dudes programming licence needs to be revoked. | |
| # BONUS: Includes SCTP Backconnect for Great Justice reasons :D | |
| # Screenshot: http://i.imgur.com/0CWDs8m.png | |
| # Twitter: @dailydavedavids |
mattifestation
/ UACBypass.ps1
Last active
September 22, 2025 15:47
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Invoke-UACBypass { | |
| <# | |
| .SYNOPSIS | |
| Bypasses UAC on Windows 10 by abusing the SilentCleanup task to win a race condition, allowing for a DLL hijack without a privileged file copy. | |
| Author: Matthew Graeber (@mattifestation), Matt Nelson (@enigma0x3) | |
| License: BSD 3-Clause | |
| Required Dependencies: None | |
| Optional Dependencies: None |
iam1980
/ resources.md
Last active
July 10, 2025 14:40
Shadow Brokers EQGRP Lost in Translation resources
scrapped from @x0rz,@etlow,@Dinosn,@hackerfantastic,@highmeh,@cyb3rops and others
- A quick analysis of the latest Shadow Brokers dump https://labs.nettitude.com/blog/a-quick-analysis-of-the-latest-shadow-brokers-dump/
- Timestamps
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Usage: ./dns_check.py <list_of_domain_names.txt> | |
| import dns.resolver | |
| import requests | |
| import re | |
| import json | |
| import sys | |
| resolver = dns.resolver.Resolver() | |
| resolver.timeout = 5 | |
| resolver.lifetime = 5 |
rain-1
/ Wannacrypt0r-FACTSHEET.md
Last active
May 14, 2025 19:15
— forked from Epivalent/Wannacrypt0r-FACTSHEET.md
- Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
- Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
- Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
- Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
- Kill switch: If the website
www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.comis up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).
update: A minor variant of the viru
cryptolok
/ vMetaDate.sh
Last active
November 15, 2025 13:25
small tool to retreive vk.com (vkontakte) users hidden metadata (state, access, dates, counts, etc) anonymously (without login)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # small tool to retreive vk.com (vkontakte) users hidden metadata (state, access, dates, counts, etc) anonymously (without login) | |
| # sudo apt install curl | |
| parse(){ | |
| local IFS=\> | |
| read -d \< CELL VALUE | |
| } |
OlderNewer