- Install
dnscrypt-proxyusing Homebrew:
brew install dnscrypt-proxy- Configure DNSCrypt:
nano /opt/homebrew/etc/dnscrypt-proxy.toml
coreonyx
coreonyx
/ README.md
Created
September 6, 2024 13:23
— forked from lpsm-dev/README.md
[Setup] - MacOs dnscrypt-proxy
coreonyx
/ gist:180c3e25fc5a0a49ce2e8a49028a508c
Created
July 7, 2017 00:15
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| test |
coreonyx
/ dump.csv
Created
May 17, 2017 19:00
— forked from anonymous/dump.csv
Parsed out compromised hosts from #ShadowBrokers
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ID | Host | IP Address | Year | Month | Day | Implant | Version | OS | |
|---|---|---|---|---|---|---|---|---|---|
| PITCHIMPAIR | ns1.youngdong.ac.kr | 202.30.58.5 | 1969 | 12 | 31 | INCISION | 1.1.2.1 | hppa2.0w-hp-hpux11.00 | |
| INTONATION | tx.micro.net.pk | 203.135.2.194 | 2000 | 8 | 17 | JACKLADDER | 2.0 | sparc-sun-solaris2.7 | |
| INTONATION | hakuba.janis.or.jp | 210.232.42.3 | 2000 | 8 | 22 | JACKLADDER | 2.0 | sparc-sun-solaris2.6 | |
| INTONATION | mail.interq.or.jp | 210.157.0.87 | 2000 | 8 | 24 | JACKLADDER | 2.0 | sparc-sun-solaris2.6 | |
| INTONATION | mx1.freemail.ne.jp | 210.235.164.21 | 2000 | 8 | 28 | JACKLADDER | ? | i386-pc-solaris2.7 | |
| INTONATION | webnetra.entelnet.bo | 166.114.10.28 | 2000 | 8 | 30 | JACKLADDER | 2.0 | sparc-sun-solaris2.6 | |
| INTONATION | opcwdns.opcw.nl | 195.193.177.150 | 2000 | 9 | 6 | JACKLADDER | 2.0 | sparc-sun-solaris2.6 | |
| INTONATION | rayo.pereira.multi.net.co | 206.49.164.2 | 2000 | 9 | 20 | JACKLADDER | 2.0 | sparc-sun-solaris2.6 | |
| INTONATION | most.cob.net.ba | 195.222.48.5 | 2000 | 9 | 21 | JACKLADDER | 2.0 | sparc-sun-solaris2.6 |
coreonyx
/ Wannacrypt0r-FACTSHEET.md
Created
May 14, 2017 23:51
— forked from rain-1/Wannacrypt0r-FACTSHEET.md
- Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
- Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
- Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
- Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
- Kill switch: If the website
www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.comis up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).
update: A minor variant of the viru
coreonyx
/ gist:92f9a13001fb0342b52d8bd284e5da77
Created
January 21, 2017 00:32
— forked from tiernano/gist:4344701
IPv6 Firewall rules for a MikroTik router to allow outgoing connections, but block incoming, unless they are responses...
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /ipv6 firewall filter | |
| add action=accept chain=input comment="Allow established connections" connection-state=established disabled=no | |
| add action=accept chain=input comment="Allow related connections" connection-state=related disabled=no | |
| add action=accept chain=input comment="Allow limited ICMP" disabled=no limit=50/5s,5 protocol=icmpv6 | |
| add action=accept chain=input comment="Allow UDP" disabled=no protocol=udp | |
| add action=drop chain=input comment="" disabled=no | |
| add action=accept chain=forward comment="Allow any to internet" disabled=no out-interface=sit1 | |
| add action=accept chain=forward comment="Allow established connections" connection-state=established disabled=no | |
| add action=accept chain=forward comment="Allow related connections" connection-state=related disabled=no | |
| add action=drop chain=forward comment="" disabled=no |
coreonyx
/ sendhex.py
Created
December 2, 2016 11:55
— forked from calmh/sendhex.py
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import sys | |
| import socket | |
| hex = "" | |
| for line in sys.stdin.readlines(): | |
| first_space = line.index(' ') | |
| if first_space > 2: | |
| line = line[first_space:] |