Understand your Mac and iPhone more deeply by tracing the evolution of Mac OS X from prerelease to Swift. John Siracusa delivers the details.
You've got two main options:
| Regex | Source |
|---|---|
| MSSE-[0-9a-f]{3}-server | Default Cobalt Strike Artifact Kit binaries |
| status_[0-9a-f]{2} | Default psexec_psh |
| postex_ssh_[0-9a-f]{4} | Default SSH beacon |
| msagent_[0-9a-f]{2} | Default SMB beacon |
| postex_[0-9a-f]{4} | Default Post Exploitation job (v4.2+) |
| mojo.5688.8052.183894939787088877[0-9a-f]{2} | jquery-c2.4.2.profile |
| mojo.5688.8052.35780273329370473[0-9a-f]{2} | jquery-c2.4.2.profile |
| wkssvc[0-9a-f]{2} | jquery-c2.4.2.profile |
| ntsvcs[0-9a-f]{2} | trick_ryuk.profile |
| import sys | |
| import zipfile | |
| import random | |
| def get_zip_file_header_offset(zip_filename, target_filename): | |
| """ | |
| Parse the file header offset for a target_filename. | |
| :param zip_filename: The name of the zip file to read. | |
| :param target_filename: The name of the file to find the header of. |
The following content is generated using a preview release of Swimlane's pyattck.
This snippet of data is scoped to the following actor groups:
| /* | |
| WARNING: | |
| the newest version of this rule is now hosted here: | |
| https://github.com/Neo23x0/god-mode-rules/blob/master/godmode.yar | |
| */ | |
| /* | |
| _____ __ __ ___ __ |
| #!/usr/bin/env python | |
| # -*- coding: utf-8 -*- | |
| import os | |
| import sys | |
| import uuid | |
| from collections import deque | |
| # Modify this as the number of rules per file |
| From: http://redteams.net/bookshelf/ | |
| Techie | |
| Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp. | |
| Social Engineering: The Art of Human Hacking by Christopher Hadnagy | |
| Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam | |
| The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick | |
| Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others. | |
| Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor | |
| The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors |
| function Get-InjectedThread | |
| { | |
| <# | |
| .SYNOPSIS | |
| Looks for threads that were created as a result of code injection. | |
| .DESCRIPTION | |
| bin,banka_kodu,banka_adi,type,sub_type,virtual,prepaid | |
| 413226,10,T.C. ZİRAAT BANKASI A.Ş.,VISA,PLATINUM | |
| 444676,10,T.C. ZİRAAT BANKASI A.Ş.,VISA,CLASSIC | |
| 444677,10,T.C. ZİRAAT BANKASI A.Ş.,VISA,GOLD | |
| 444678,10,T.C. ZİRAAT BANKASI A.Ş.,VISA,PLATINUM | |
| 453955,10,T.C. ZİRAAT BANKASI A.Ş.,VISA, CLASSIC | |
| 453956,10,T.C. ZİRAAT BANKASI A.Ş.,VISA, GOLD | |
| 454671,10,T.C. ZİRAAT BANKASI A.Ş.,VISA, CLASSIC | |
| 454672,10,T.C. ZİRAAT BANKASI A.Ş.,VISA, CLASSIC | |
| 454673,10,T.C. ZİRAAT BANKASI A.Ş.,VISA, BUSINESS |
| #!/bin/bash | |
| # Attempts to install the web application vulnerability scanner w3af and its prerequisites. | |
| # For more information about w3af, see: http://w3af.sourceforge.net/ | |
| # USAGE: pypi_install package_name version_number md5_checksum | |
| # checksum is optional; package and version are required | |
| function pypi_install() { | |
| name=$1 | |
| version=$2 |