Stephen Paulger stephenpaulger
stephenpaulger
/ malware_package_credential_theft_attack_tree.yaml
Last active
September 10, 2025 08:34
Malicious package to credential theft attack tree
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Use this with Deciduous https://www.deciduous.app/#gist=ef8809a2b8047d57e64fd082780ecdd8 | |
| theme: classic | |
| title: Malicious package to credential theft attack tree | |
| facts: | |
| - metadata_email: Package maintainer emails are listed in package metadata and github commits | |
| from: | |
| - target_research | |
| - visual_similarity: Malicious domain mimics package repo's. Some maintainers will be tricked |
stephenpaulger
/ sankey_transform.sh
Created
May 21, 2025 13:32
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # If you want to make a left-to-right sankey diagram that you've downloaded from mermaid.live | |
| # have no text and switch it to a top-to-bottom orientation then this is the script for you. | |
| # | |
| # Tested with Inkscape 1.4 on OSX. | |
| # | |
| # Usage: ./sankey_transform.sh input.svg output.svg|output.png | |
| INPUT="$1" | |
| OUTPUT="$2" |
We can't make this file beautiful and searchable because it's too large.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ID,CVSS3.1,CVSS3.0,CVSS2.0 | |
| CVE-2023-2387,2.4,2.4,3.3 | |
| CVE-2023-2738,6.3,6.3,6.5 | |
| CVE-2023-2368,4.7,4.7,5.8 | |
| CVE-2023-2692,3.5,3.5,4 | |
| CVE-2023-2942,None,8.1,None | |
| CVE-2023-2041,6.3,6.3,6.5 | |
| CVE-2023-2411,6.3,6.3,6.5 | |
| CVE-2023-2104,None,5.4,None | |
| CVE-2023-2554,None,7.2,None |
stephenpaulger
/ function_identifiers.go
Created
August 6, 2018 08:49
Extract golang function identifiers
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "errors" | |
| "fmt" | |
| "go/ast" | |
| "go/parser" | |
| "go/token" | |
| ) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ; Runs on https://schweigi.github.io/assembler-simulator/ | |
| ; https://en.wikipedia.org/wiki/Bubble_sort | |
| MOV C, data ; C tracks the address of end | |
| ADD C, 16 ; of the unsorted section of data. | |
| start: | |
| DEC C ; One byte is sorted each pass | |
| MOV D, data ; Start of the data | |
| bubble: |
stephenpaulger
/ sum_digits.py
Last active
December 20, 2015 15:29
Wondering about http://python-karan.blogspot.co.uk/2013/07/sum-of-digits-of-number-in-one-line-or.html
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import timeit | |
| import random | |
| from math import log, ceil | |
| def sum_digits(num): | |
| sum_dig = 0 | |
| while num > 0: | |
| last_digit = num % 10 # extract the last digit |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| def xor_int_tuple(tup): | |
| return reduce(lambda a,b:a^b, tup) | |
| def xor_tuple(tup): | |
| return ord(tup[0]) ^ ord(tup[1]) | |
| def encrypt(m, k, op=xor_tuple): | |
| return map(op, zip(m, k)) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import signal | |
| import sys | |
| import time | |
| def handle(sig, frame): | |
| print all_signals[sig] | |
| all_signals = dict((getattr(signal, attr), attr) for attr in dir(signal) if attr.startswith("SIG")) |
stephenpaulger
/ erlang sieve of eratosthenes.erl
Created
April 7, 2010 16:55
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -module(sieve). | |
| -export([sieve/1]). | |
| sieve(N) -> | |
| [1 | sieve(lists:seq(2, N), N)]. | |
| sieve([Head|L], N) when Head * 2 < N -> | |
| [Head | sieve(L -- lists:seq(Head * 2, N, Head), N)]; | |
| sieve([Head|L], _) -> |