Skip to content

Instantly share code, notes, and snippets.

View IlluminatiFish's full-sized avatar
👋

IlluminatiFish

👋
74 followers · 0 following
View GitHub Profile
@0xdevalias
0xdevalias / reverse-engineering-golang.md
Last active February 12, 2026 09:33
Some notes, tools, and techniques for reverse engineering Golang binaries
@0xdevalias
0xdevalias / reverse-engineering-webpack-apps.md
Last active January 29, 2026 21:05
Some notes and techniques for reverse engineering Webpack (and a little bit about React/Vue/Angular) apps
@embee-research
embee-research / 2023-05-15-quasar_ips_with_ports.txt
Created May 15, 2023 23:50
102.116.6.203:8009
108.160.136.232:8088
111.90.148.240:8088
116.36.143.105:8888
139.180.219.18:8088
14.225.204.247:6060
14.225.254.32:9090
144.168.46.50:9000
146.70.113.150:8443
@embee-research
embee-research / 2023-05-15-Quasar-servers
Created May 14, 2023 11:19
List of potential quasar servers
2.133.130.23
27.11.235.246
42.192.132.19
43.240.48.46
43.244.89.152
45.32.106.94
49.12.46.139
59.26.93.6
80.168.201.195
81.19.141.35
@eset-research
eset-research / KEKWLTD_PyPI_uploads.md
Last active May 14, 2023 13:10
Python packages with malware uploaded by "KEKWLTD"

Python packages uploaded by "KEKWLTD" which contains stealer malware uploaded to PyPI, as of 2023-05-04 2:00 pm UTC.

Upload date Project Size (bytes) File name SHA-256
2023-05-04 03:14:40.606521 UTC pythoncryptolibrary 20788 pythoncryptolibrary-1.0.0.tar.gz cc60ff986a5dd15137b327a874c164443c099dd9e2de6ba53b736b9175b0f7c0
2023-05-04 03:14:38.830459 UTC pythoncryptolibrary 20941 pythoncryptolibrary-1.0.0-py3-none-any.whl ab05e400208bda44cc9d6eb201d537f408cdc3d59a8859bffded8c78be03a0a9
2023-05-03 23:46:50.934163 UTC pipcolorpkgV1 20783 pipcolorpkgV1-1.0.0.tar.gz b9ad095d848f3536e8a71faa59d0949c04b1404118218474575ea10df3e70f55
2023-05-03 23:46:48.963961 UTC pipcolorpkgV1 20866 pipcolorpkgV1-1.0.0-py3-none-any.whl 1b191beafc5cdc327e6b4da864dacb7175ce9102c0bb9adb90949fe9d2e1ed57
2023-05-03 23:04:16.714994 UTC syscolouringkitsV2 20780 `sysco
@yehgdotnet
yehgdotnet / get-shodan-favicon-hash.py
Last active November 7, 2025 12:53
Get Shodan FAVICON Hash
# https://twitter.com/brsn76945860/status/1171233054951501824
pip install mmh3
-----------------------------
# python 2
import mmh3
import requests
response = requests.get('https://cybersecurity.wtf/favicon.ico')
favicon = response.content.encode('base64')
@joenorton8014
joenorton8014 / common sections dict
Last active February 14, 2026 18:07
# Dictionary of common PE file sections and descriptions.
# Taken from here: http://www.hexacorn.com/blog/2016/12/15/pe-section-names-re-visited/
common_sections_dict = {".00cfg":"Control Flow Guard CFG section added by newer versions of Visual Studio", \
".apiset":"a section present inside the apisetschema.dll", \
".arch":"Alpha-architecture section", \
".autoload_text":"cygwin/gcc; the Cygwin DLL uses a section to avoid copying certain data on fork.", \
".bindat":"Binary data also used by one of the downware installers based on LUA", \
".bootdat":"section that can be found inside Visual Studio files; contains palette entries", \
".bss":"Uninitialized Data Section", \
@dperini
dperini / regex-weburl.js
Last active February 11, 2026 16:35
//
// Regular Expression for URL validation
//
// Author: Diego Perini
// Created: 2010/12/05
// Updated: 2018/09/12
// License: MIT
//
// Copyright (c) 2010-2018 Diego Perini (http://www.iport.it)
//