Skip to content

Instantly share code, notes, and snippets.

View caliskanfurkan's full-sized avatar
🎯
Focusing

Furkan ÇALIŞKAN caliskanfurkan

🎯
Focusing
View GitHub Profile
@caliskanfurkan
caliskanfurkan / AGENTS.md
Created April 15, 2026 18:08 — forked from selcukcihan/AGENTS.md
agents.md file for your beloved coding agents

Project Rules

These instructions apply to every task performed in this repository.

Purpose

  • Treat this file as the project-wide source of truth for repository-specific working rules.
  • Read and follow these instructions before making changes in this repo.

Working Style

  • Prefer minimal, targeted changes over broad refactors.
@kconner
kconner / macOS Internals.md
Last active June 26, 2026 11:28
macOS Internals

macOS Internals

Understand your Mac and iPhone more deeply by tracing the evolution of Mac OS X from prelease to Swift. John Siracusa delivers the details.

Starting Points

How to use this gist

You've got two main options:

@svch0stz
svch0stz / Cobalt Strike Named Pipe Regex.csv
Last active October 21, 2024 13:54
Cobalt Strike Named Pipe Regex
Regex Source
MSSE-[0-9a-f]{3}-server Default Cobalt Strike Artifact Kit binaries
status_[0-9a-f]{2} Default psexec_psh
postex_ssh_[0-9a-f]{4} Default SSH beacon
msagent_[0-9a-f]{2} Default SMB beacon
postex_[0-9a-f]{4} Default Post Exploitation job (v4.2+)
mojo.5688.8052.183894939787088877[0-9a-f]{2} jquery-c2.4.2.profile
mojo.5688.8052.35780273329370473[0-9a-f]{2} jquery-c2.4.2.profile
wkssvc[0-9a-f]{2} jquery-c2.4.2.profile
ntsvcs[0-9a-f]{2} trick_ryuk.profile
@D4stiny
D4stiny / Macro_Scrambler.py
Created September 16, 2020 07:08
Corrupts macro documents to prevent static analysis by anti-virus while still allowing for the document to be opened in Microsoft Word.
import sys
import zipfile
import random
def get_zip_file_header_offset(zip_filename, target_filename):
"""
Parse the file header offset for a target_filename.
:param zip_filename: The name of the zip file to read.
:param target_filename: The name of the file to find the header of.
@MSAdministrator
MSAdministrator / iranian_apit_groups_possible_commands.md
Last active May 30, 2026 07:43
Iranian APT Groups & Possible Commands Used By These Groups

Overview

The following content is generated using a preview release of Swimlane's pyattck.

This snippet of data is scoped to the following actor groups:

  • APT33
  • APT34
  • APT39
  • Charming Kitten
@Neo23x0
Neo23x0 / iddqd.yar
Last active August 1, 2024 09:08
IDDQD - Godmode YARA Rule
/*
WARNING:
the newest version of this rule is now hosted here:
https://github.com/Neo23x0/god-mode-rules/blob/master/godmode.yar
*/
/*
_____ __ __ ___ __
@Xumeiquer
Xumeiquer / yara-spliter.py
Created February 7, 2018 20:02
This script splits up a Yara rule file in several files with a specific number of rules on them.
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import os
import sys
import uuid
from collections import deque
# Motify this as the number of rules per file
From: http://redteams.net/bookshelf/
Techie
Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp.
Social Engineering: The Art of Human Hacking by Christopher Hadnagy
Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam
The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others.
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor
The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors
@jaredcatkinson
jaredcatkinson / Get-InjectedThread.ps1
Last active March 13, 2026 04:24
Code from "Taking Hunting to the Next Level: Hunting in Memory" presentation at SANS Threat Hunting Summit 2017 by Jared Atkinson and Joe Desimone
function Get-InjectedThread
{
<#
.SYNOPSIS
Looks for threads that were created as a result of code injection.
.DESCRIPTION
bin,banka_kodu,banka_adi,type,sub_type,virtual,prepaid
413226,10,T.C. ZİRAAT BANKASI A.Ş.,VISA,PLATINUM
444676,10,T.C. ZİRAAT BANKASI A.Ş.,VISA,CLASSIC
444677,10,T.C. ZİRAAT BANKASI A.Ş.,VISA,GOLD
444678,10,T.C. ZİRAAT BANKASI A.Ş.,VISA,PLATINUM
453955,10,T.C. ZİRAAT BANKASI A.Ş.,VISA, CLASSIC
453956,10,T.C. ZİRAAT BANKASI A.Ş.,VISA, GOLD
454671,10,T.C. ZİRAAT BANKASI A.Ş.,VISA, CLASSIC
454672,10,T.C. ZİRAAT BANKASI A.Ş.,VISA, CLASSIC
454673,10,T.C. ZİRAAT BANKASI A.Ş.,VISA, BUSINESS