@secdev02
secdev02 / gist:40e463f2728ebf5058a83c454ab5b06d
Created January 22, 2026 04:49
Equation Group windbreaker dump file
Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\dumps\regret.dmp]
User Mini Dump File: Only registers, stack and portions of memory are available
Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows XP Version 2600 (Service Pack 2) MP (2 procs) Free x86 compatible
Product: WinNt, suite: SingleUserTS
@secdev02
secdev02 / README.md
Created January 4, 2026 02:38
OGhidra - Analysis

============================================================ [09:00:11] 🚀 SMART TOOL: RENAME ALL FUNCTIONS

Starting OPTIMIZED bulk function analysis with mode: smart_enumeration

============================================================ [09:00:11] ⚡ PERFORMANCE ENHANCEMENTS

• Batch processing (size: 50)

@secdev02
secdev02 / webdav_minimalist.ps1
Created December 21, 2025 18:07
Minimalist - PowerShell WebDAV - Decoy Share
<#
Obtained from https://github.com/re4lity/subTee-gits-backups/blob/master/JEWebDav.ps1
#>
<#
.SYNOPSIS
Simple Reverse Shell over HTTP. Deliver the link to the target and wait for connectback.
Read And Write Files Over WebDAV Proof Of Concept
@secdev02
secdev02 / bginteger.py
Created December 17, 2025 20:02
Factorial Mod N - GCD
import math
import time
def gcd_factorial_efficient(n):
    """Compute GCD(sqrt(n)!, n) efficiently"""
    sqrt_n = int(math.sqrt(n))
    g = n
    print(f"Computing GCD({sqrt_n}!, {n})")
    print(f"Processing {sqrt_n} numbers...\n")
@secdev02
secdev02 / README.md
Created December 17, 2025 18:35
Capability Diffusion - Part Two

A single file that has 2 different ways of behaving

In this case we simply load and compile 2 different C# calls.

Use your imagination.

@secdev02
secdev02 / HelloWorld.cs
Created December 17, 2025 18:06
Capability Diffusion - Sound of Silence - Basic Example.
using System;
using System.Configuration;
using System.IO;
using System.Net;
namespace HelloWorldLib
{
    public class HelloWorld
    {
        private static Configuration _config;
@secdev02
secdev02 / bindiff.ps1
Last active December 16, 2025 23:37
Extractor
<#
.SYNOPSIS
Extracts a specific file from nested CAB files within an MSU package.
.DESCRIPTION
Extracts MSU to get CAB files, then extracts a specific file by name,
and performs additional expansion rounds if the file is itself a CAB.
.PARAMETER MsuPath
Path to the MSU file.
@secdev02
secdev02 / gist:d2aaac0f1dda92d52a89c276cab056f2
Created December 16, 2025 19:50
PatchDiff-AI - Example
{'file': 'kerberos.dll', 'patch_store_uid': 'c7eae9d4-8362-478d-b184-e4abea470c2b', 'kb': 'KB5068861', 'confidence': 0.15, 'date': 1763412539.2780097, 'cve': 'CVE-2025-60704', 'change_count': 22}
--------------------------------------------------------------------
CVE-2025-60704 Report
--------------------------------------------------------------------
Component
--------------------------------------------------------------------
@secdev02
secdev02 / Get-PortalAuthFromCookies.ps1
Last active December 14, 2025 20:15
Get-PortalAuthFromCookies
# BARK Cookie to Refresh Token Extractor
# This extracts portal auth tokens from cookies to use with BARK's existing functions
Function Get-PortalAuthTokensFromCookies {
<#
.SYNOPSIS
Extracts Portal Auth Refresh Token and Portal ID from browser cookies.
Author: Custom addition for BARK
License: GPLv3
@secdev02
secdev02 / README.md
Created December 10, 2025 13:23
TLS Debug - Serverless Prototype - Woot!

Building a Serverless Reverse TLS Proxy Experiment.

curl "https://www.tlsdebug.com/debug?site=example.com"

{
  "request": {
    "method": "GET",
    "url": "https://example.com/",