Skip to content

Instantly share code, notes, and snippets.

View tracure1337's full-sized avatar
💭
/r/masterhacker/

ɘɿuɔɐɿɈ tracure1337

💭
/r/masterhacker/
139 followers · 417 following
View GitHub Profile
@TheBrokenRail
TheBrokenRail / README.md
Last active March 17, 2025 13:05
Jailbreak Firefox!

Jailbreak-Firefox

This script allows you to install unsigned extensions (ones that aren't approved by Mozilla) on normal Firefox builds and the official Snap! That's right, no "Firefox Developer Edition" nonsense required!

⚠️ Disclaimer ⚠️

This script is not well tested, like at all. This script might break things, possibly important things. You should probably take a backup of your Firefox profile before using it. You have been warned.

Dependencies

sudo apt install -y curl unzip zip
# Only needed when jailbreaking the Snap
@ruevaughn
ruevaughn / 00-==}}======> bbht-resources-notes
Last active March 1, 2025 04:29
My Resources and Links over time to various Tools, Notes, Videos, Papers, Articles, Writeups, and more. Will be moving to my own private hosted Wikipedia soon. Ascii Art Font: Calvin S
╔╦╗╦ ╦ ╔╗ ┬ ┬┌─┐ ╔╗ ┌─┐┬ ┬┌┐┌┬┐┬ ┬ ╦═╗┌─┐┌─┐┌─┐┬ ┬┬─┐┌─┐┌─┐┌─┐
║║║╚╦╝ ╠╩╗│ ││ ┬ ╠╩╗│ ││ │││││ └┬┘ ╠╦╝├┤ └─┐│ ││ │├┬┘│ ├┤ └─┐
╩ ╩ ╩ ╚═╝└─┘└─┘ ╚═╝└─┘└─┘┘└┘┴ ┴ ╩╚═└─┘└─┘└─┘└─┘┴└─└─┘└─┘└─┘
//
()==========>>======================================--
\\
https://doepichack.com/
@mellow-hype
mellow-hype / symgrep.sh
Created July 5, 2022 06:23
grep for specific strings in ghidra decompiler from the commandline
#!/usr/bin/env bash
# -- search for specific strings in the output of ghidra decompiler for a
# -- specific target binary.
# --
# -- ghidra script from: https://github.com/0xdea/ghidra-scripts
# ---------------------------------------------------------------------------
# update this to point to the location where ghidra is installed
GHIDRA_PATH="$HOME/tools/ghidra_10.1.4"
# update this to point to the location where the ghidra-scripts repo was downloaded
@alfarom256
alfarom256 / source.cpp
Last active October 15, 2024 08:22
Uniwill SparkIO.sys PoC
/*
IOCTL 0x40002004 : Arbitrary Physical Memory Read using MmMapIoSpace
IOCTL 0x40002008 : Close a handle of your choice! + Stack-based Buffer Overflow
IOCTL 0x40002000 : Arbitrary RW to IO ports
*/
#include <Windows.h>
#include <stdio.h>
#define GLE( x ) { printf("%s failed with error: %d\n", x , GetLastError()); }
#define IOCTL_TRIGGER_OVERFLOW 0x40002008
@defparam
defparam / MutateMethods.py
Last active April 14, 2025 16:37
Example of using Turbo Intruder in a "listen and attack" mode. Because turbo intruder's jython interpreter is technically inside burp you can have turbo intruder scripts use the plugin API. Here we use burp.IProxyListener to intercept requests and reissue them inside turbo intruder mutating the method.
from threading import Thread
import time
class TrafficMagnet(burp.IProxyListener):
def __init__(self):
callbacks.registerProxyListener(self)
self._helpers = callbacks.getHelpers()
self._callbacks = callbacks
@h4x0r-dz
h4x0r-dz / Generic keys
Created May 5, 2022 09:15
(?i)((access_key|access_token|admin_pass|admin_user|algolia_admin_key|algolia_api_key|alias_pass|alicloud_access_key|amazon_secret_access_key|amazonaws|ansible_vault_password|aos_key|api_key|api_key_secret|api_key_sid|api_secret|api.googlemaps AIza|apidocs|apikey|apiSecret|app_debug|app_id|app_key|app_log_level|app_secret|appkey|appkeysecret|application_key|appsecret|appspot|auth_token|authorizationToken|authsecret|aws_access|aws_access_key_id|aws_bucket|aws_key|aws_secret|aws_secret_key|aws_token|AWSSecretKey|b2_app_key|bashrc password|bintray_apikey|bintray_gpg_password|bintray_key|bintraykey|bluemix_api_key|bluemix_pass|browserstack_access_key|bucket_password|bucketeer_aws_access_key_id|bucketeer_aws_secret_access_key|built_branch_deploy_key|bx_password|cache_driver|cache_s3_secret_key|cattle_access_key|cattle_secret_key|certificate_password|ci_deploy_password|client_secret|client_zpk_secret_key|clojars_password|cloud_api_key|cloud_watch_aws_access_key|cloudant_password|cloudflare_api_key|cloudflare_auth_k
@gamozolabs
gamozolabs / proc_mem.py
Last active June 19, 2024 07:09
IDA Python loader for /proc/pid/mem without debugging a process
import re, subprocess, idaapi, ida_segment, ida_kernwin
# To install this, simply put it in your ida_install/loaders folder and open
# a `/proc/<pid>/mem` file!
#
# You might need to set `echo 0 > /proc/sys/kernel/yama/ptrace_scope` if you
# want to be able to dump processes depending on your system configuration.
# Check if the file is supported by our loader
def accept_file(li, filename):
@ihsangan
ihsangan / index.js
Last active April 25, 2025 09:23
Send email from Workers with MailChannel API
async function readRequestBody(request) {
const { headers } = request;
const contentType = headers.get('content-type') || '';
if (contentType.includes('application/json')) {
return JSON.stringify(await request.json());
} else if (contentType.includes('form')) {
const formData = await request.formData();
const body = {};
for (const entry of formData.entries()) {
body[entry[0]] = entry[1];
@cyberbutler
cyberbutler / file-upload-flask-server-with-autountar-and-decryption.py
Last active March 13, 2022 14:05
A Flask web server with builtin file upload handling, Tar extraction, and OpenSSL AES256 CBC PBKDF2 decryption
import os
import base64
import tarfile
import hashlib
import datetime
import tempfile
from Crypto.Cipher import AES
from werkzeug.utils import secure_filename
from flask import Flask, request, jsonify
@cyberbutler
cyberbutler / file-upload-flask-server.py
Last active March 22, 2022 15:59
A basic Flask web server for uploading files
import os
import datetime
from werkzeug.utils import secure_filename
from flask import Flask, request, jsonify
app = Flask(__name__)
app.config['UPLOAD_DIR'] = 'uploads'
@app.route('/', methods=['POST'])
def upload_file():