| Base64 Code | Mnemonic Aid | Decoded* | Description |
|---|---|---|---|
JAB |
🗣 Jabber | $. |
Variable declaration (UTF-16) |
TVq |
📺 Television | MZ |
MZ header |
SUVY |
🚙 SUV | IEX |
PowerShell Invoke Expression |
SQBFAF |
🐣 Squab favorite | I.E. |
PowerShell Invoke Expression (UTF-16) |
SQBuAH |
🐣 Squab uahhh | I.n. |
PowerShell Invoke string (UTF-16) e.g. Invoke-Mimikatz |
PAA |
💪 "Pah!" | <. |
Often used by Emotet (UTF-16) |
znb
/ Base64_CheatSheet.md
Created
January 31, 2023 12:54
— forked from Neo23x0/Base64_CheatSheet.md
Learning Aid - Top Base64 Encodings Table
znb
/ Refang.txt
Created
October 27, 2022 02:54
Simple CyberChef recipe to make a defanged URL unsafe again
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Find_/_Replace({'option':'Regex','string':'hxxp'},'http',true,false,true,false) | |
| Find_/_Replace({'option':'Regex','string':'\\['},'',true,false,true,false) | |
| Find_/_Replace({'option':'Regex','string':'\\]'},'',true,false,true,false) |
znb
/ 2serv.py
Created
September 27, 2022 07:19
— forked from phrawzty/2serv.py
simple python http server to dump request headers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| import SimpleHTTPServer | |
| import SocketServer | |
| import logging | |
| PORT = 8000 | |
| class GetHandler(SimpleHTTPServer.SimpleHTTPRequestHandler): |
znb
/ passrole_actions_and_parameters.csv
Created
May 12, 2021 14:58
— forked from noamsdahan/passrole_actions_and_parameters.csv
A list of IAM actions which require iam:PassRole as of December 2020. Nested parameters are written with dot ('.') notation. Where there are multiple relevant parameters, they are separated by the pipe character ('|'). consult the AWS documentation on special cases - noted with an asterisk (most of them are "array of documents" type parameters).…
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| IAM Permission | Params | |
|---|---|---|
| amplify:CreateApp | iamServiceRoleArn | |
| amplify:CreateDomainAssociation | autoSubDomainIAMRole | |
| amplify:UpdateApp | iamServiceRoleArn | |
| amplify:UpdateDomainAssociation | autoSubDomainIAMRole | |
| appconfig:CreateConfigurationProfile | RetrievalRoleArn | |
| appconfig:UpdateConfigurationProfile | RetrievalRoleArn | |
| appflow:CreateConnectorProfile | connectorProfileConfig.connectorProfileProperties.Redshift.roleArn | |
| appflow:UpdateConnectorProfile | connectorProfileConfig.connectorProfileProperties.Redshift.roleArn | |
| application-autoscaling:RegisterScalableTarget | RoleARN |
znb
/ foxyproxy.json
Created
June 6, 2019 09:16
— forked from liamosaur/foxyproxy.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "mode": "patterns", | |
| "proxySettings": [ | |
| { | |
| "address": "127.0.0.1", | |
| "port": 8080, | |
| "username": "", | |
| "password": "", | |
| "type": 1, | |
| "title": "127.0.0.1:8080", |
znb
/ shoGrey_ip.py
Created
October 10, 2018 19:12
— forked from n0x08/shoGrey_ip.py
Lookup IP address against greynoise.io and shodan
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # !/usr/bin/env python | |
| # shoGrey_ip.py | |
| # | |
| # Stupid simple IP lookup against Greynoise.io | |
| # Also looks up against Shodan and returns ports, tags, vulns | |
| # requires json, requests, shodan | |
| # | |
| # Also requires Shodan API key | |
| # | |
| # Example: python3 shoGrey_ip.py 1.2.3.4 |
znb
/ content_discovery_all.txt
Created
June 19, 2018 13:26
— forked from jhaddix/content_discovery_all.txt
a masterlist of content discovery URLs and files (used most commonly with gobuster)
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ` | |
| ~/ | |
| ~ | |
| ×™× | |
| ___ | |
| __ | |
| _ |
znb
/ audit.rules
Created
January 15, 2018 16:51
— forked from Neo23x0/audit.rules
Linux Auditd Best Practice Configuration
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ___ ___ __ __ | |
| # / | __ ______/ (_) /_____/ / | |
| # / /| |/ / / / __ / / __/ __ / | |
| # / ___ / /_/ / /_/ / / /_/ /_/ / | |
| # /_/ |_\__,_/\__,_/_/\__/\__,_/ | |
| # | |
| # Linux Audit Daemon - Best Practice Configuration | |
| # /etc/audit/audit.rules | |
| # | |
| # Compiled by Florian Roth |
znb
/ keybase.md
Last active
August 29, 2015 14:05
I hereby claim:
- I am znb on github.
- I am mle (https://keybase.io/mle) on keybase.
- I have a public key whose fingerprint is F625 BA9E 0F37 1BF8 A88B 0D67 62B0 18D8 553E EC25
To claim this, I am signing this object: