Skip to content

Instantly share code, notes, and snippets.

View ulloaza's full-sized avatar

Zara Ulloa ulloaza

5 followers · 10 following
View GitHub Profile
@Wra7h
Wra7h / CreateThread.m
Last active September 19, 2023 05:19
Matlab Shellcode Loader
% Wra7h/FlavorTown
% MATLAB version: R2023a
% Tested on Win10 x64
if not(libisloaded('kernel32'))
loadlibrary('kernel32.dll', @kernel32proto);
end
if not(libisloaded('msvcrt'))
loadlibrary('msvcrt.dll', @msvcrtproto);
@tothi
tothi / mitmproxy-jwt-refresh-addon.py
Created August 28, 2022 20:52
mitmproxy addon for handling oauth access and refresh tokens automatically
# run: mitmproxy -k -p 8090 -s mitmproxy-jwt-refresh-addon.py
# set burp upstream proxy to localhost:8090
#
# use case:
# - application authorization is implemented by OAuth 2.0
# - testing is performed using Burp as primary and mitmproxy as upstream proxy
# - mitmproxy takes care of the Authorization tokens using this addon
# - user gets an access_token and a refresh_token during the 1st login (e.g. password login)
# - mitmproxy addon caches access_token and refresh_token
# - mitmproxy addon adds Authorization: Bearer [access_token from cache] header for every request
@SeanPesce
SeanPesce / find_symbol.sh
Last active May 10, 2023 19:03
Linux shell command to find binaries that contain a specific symbol. Useful when searching for command injection and other vulnerabilities.
#!/bin/bash
SYMBOL_NAME="system"; find ./ -type f -exec printf "{}: " \; -exec sh -c "objdump -T \"{}\" 2>&1 | grep -e \" $SYMBOL_NAME\" ; echo \"\"" \; | grep -e " $SYMBOL_NAME"
@anvbis
anvbis / pwntools-cheatsheet.md
Last active May 7, 2026 10:49
pwntools-cheatsheet.md