Skip to content

Instantly share code, notes, and snippets.

@strazzere
strazzere / decrypt.py
Last active July 21, 2023 14:11
Dump encoded compress powershell stream
#!/usr/bin/python
#
#
# Decompling something being loaded in through powershell
#
#
# diff <[email protected]>
#
#
@hasherezade
hasherezade / chinad.py
Last active July 5, 2017 02:51
script used to discover C&C's of Chinad botnet
#!/usr/bin/env python
"""script used to discover C&C's of Chinad botnet
(more: https://blog.malwarebytes.org/intelligence/2015/06/unusual-exploit-kit-targets-chinese-users-part-2/)
"""
import sys
import argparse
import urllib2
url_bgn = "http://"
@h3xstream
h3xstream / web200.md
Last active November 8, 2023 20:48
GoSecure CTF - Web 200 pts writeup

Starting at the URL http://web200.gosec.net:7721, we can see a login page for a dating site.

login

Small oracle

It is possible to identify that the user admin exists because we get two distinct error messages.

Invalid user:

@sckalath
sckalath / linux_privesc
Last active November 14, 2024 12:15
Linux Privilege Escalation Techniques
// Determine linux distribution and version
cat /etc/issue
cat /etc/*-release
cat /etc/lsb-release
cat /etc/redhat-release
// Determine kernel version - 32 or 64-bit?
cat /proc/version
uname -a
uname -mrs
@bradoaks
bradoaks / hfsc-shape.sh
Created April 25, 2011 14:51 — forked from eqhmcow/hfsc-shape.sh
HFSC - linux traffic shaping's best kept secret
#!/bin/bash
# As the "bufferbloat" folks have recently re-discovered and/or more widely
# publicized, congestion avoidance algorithms (such as those found in TCP) do
# a great job of allowing network endpoints to negotiate transfer rates that
# maximize a link's bandwidth usage without unduly penalizing any particular
# stream. This allows bulk transfer streams to use the maximum available
# bandwidth without affecting the latency of non-bulk (e.g. interactive)
# streams.