Skip to content

Instantly share code, notes, and snippets.

View taosecurity's full-sized avatar

Richard Bejtlich taosecurity

46 followers · 17 following
View GitHub Profile
@csgordon
csgordon / triple_boot_2025.md
Last active November 15, 2025 15:40
Triple-booting Windows 11, Linux, and FreeBSD with ZFS in 2025, on a single disk
@rajkosto
rajkosto / SearchReplaceNvidiaApp.cpp
Last active October 17, 2025 22:11
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
#include <Shlobj.h>
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
bool replaceAllInFile(const TCHAR* filePath)
@eacpereira
eacpereira / StarfieldSFSECompleteConsoleCommands.md
Created September 18, 2023 18:24
Complete list of Starfield Console Commands with SFSE on. Minimally Edited.

Console Commands

Command Description
Show Show script value
ShowVars Show variables on object. You can optionally specified a papyrus variable or script to filter with [player|sv]
ShowGlobalVars Show all global variables.
ShowQuestVars Show quest variables. You can optionally specified a papyrus variable or script to filter with [svq QuestID]
ShowQuests List quests.
ShowQuestAliases Show quest aliases. [ShowQuestAliases QuestID]
SetPapyrusQuestVar Set a Papyrus property on the specified quest.
@Ayke
Ayke / cuda-wsl2-ubuntu.md
Last active November 7, 2025 01:24
Everything About CUDA in WSL2 Ubuntu

Prerequisites, i.e. the most important things

  1. Time of writing: Jan 18, 2023, updated on Sep 22, 2024. The following assumes that you're trying to install CUDA on WSL2 Ubuntu.

  2. Check support matrix first before you install any version of CUDA, because chances are the latest CUDA does not have cuDNN support yet, then you would have to re-install older version if you found out later.

    https://docs.nvidia.com/deeplearning/cudnn/support-matrix/index.html#cudnn-cuda-hardware-versions

    At the time of writing, the latest cuDNN version is 8.7 and it supports CUDA 11.8.

  3. Windows 10 must be build 20145 or later, or you should be on Windows 11.

@Neo23x0
Neo23x0 / help.md
Last active July 30, 2023 12:19
Offensive Research Guide to Help Defense Improve Detection

I've transformed this gist into a git repository.

Whenever you research a certain vulnerability ask yourself these questions and please answer them for us

Logging

Does the exploited service write a log?
(check ls -lrt /var/log or lsof +D /var/log/ or lsof | grep servicename)

@netspooky
netspooky / pcapscroller.py
Created September 20, 2020 04:08
Used to generate this https://twitter.com/netspooky/status/1307038708907081728
import time
import urllib.request
l0 = '8b........d8...............................................................................................................88..88....................................................................................................88.....................................................................................88..88.................................................................................................................................88..88..................................................................................................................................88......................................................................................'
l1 = '.Y8,....,8P................................................................................................................88..""....................................................................................................88....................................................................
@ShyftXero
ShyftXero / install_zeek.sh
Last active September 11, 2024 22:34
install latest zeek nsm repo on kali 2020.1 (Debian Testing)
sudo ls
if test $(lsb_release -c | grep -o kali); then
echo on kali;
echo 'deb http://download.opensuse.org/repositories/security:/zeek/Debian_Testing/ /' |sudo tee -a /etc/apt/sources.list.d/security:zeek.list;
wget -nv https://download.opensuse.org/repositories/security:zeek/Debian_Testing/Release.key -O Release.key;
else
echo not on kali;
# For ubuntu base system rather than Debian
echo 'deb http://download.opensuse.org/repositories/security:/zeek/xUbuntu_21.10/ /' |sudo tee -a /etc/apt/sources.list.d/security:zeek.list;
@SwitHak
SwitHak / 20200114-TLP-WHITE_CVE-2020-0601.md
Last active November 11, 2025 11:22
BlueTeam CheatSheet * CVE-2020-0601 * crypt32.dll | Last updated: 2020-01-21 1817 UTC

CVE-2020-0601 AKA ChainOfFools OR CurveBall

General

  • Microsoft disclosed a vulnerability in their monthly Patch Tuesday referenced under CVE-2020-0601.
  • The vulnerability was discovered by the U.S. National Security Agency, anounced today (2020-01-14) in their press conference, followed by a blog post and an official security advisory.
  • The flaw is located in the "CRYPT32.DLL" file under the C:\Windows\System32\ directory.

Vulnerability explanation

  • NSA description:
  • NSA has discovered a critical vulnerability (CVE-2020-0601) affecting Microsoft Windows® cryptographic functionality.
@magisterquis
magisterquis / qddoh.go
Last active August 5, 2019 09:33
Quick and Dirty DNS-over-HTTPS in Go
package main
import (
"encoding/base64"
"fmt"
"io/ioutil"
"log"
"net/http"
"os"
@Obsecurus
Obsecurus / exim-rce.rules
Last active May 28, 2020 15:48
Modified Exim RCE rule to capture both the < and + use cases. Previously the rule was only capturing when "verify = recipient" had been removed. See: https://www.qualys.com/2019/06/05/cve-2019-10149/return-wizard-rce-exim.txt
alert smtp any any -> $SMTP_SERVERS any (msg:"ET EXPLOIT Possible Exim 4.87-4.91 RCE Attempt Inbound (CVE-2019-10149)"; flow:established,to_server; content:"RCPT|20|TO"; content:"|24 7b|run|7b|"; distance:0; fast_pattern; content:"|7d 7d 40|"; distance:0; content:"RCPT|20|TO|3a|"; pcre:"/^\s*\x24\x7brun\x7b[^\r\n]+\x7d{2}\x40/R"; metadata: former_category EXPLOIT; reference:url,www.qualys.com/2019/06/05/cve-2019-10149/return-wizard-rce-exim.txt; classtype:attempted-admin; sid:2027442; rev:1; metadata:attack_target SMTP_Server, deployment Perimeter, cve 2019_10149, signature_severity Major, created_at 2019_06_07, performance_impact Low, updated_at 2019_06_07;)