Random Code

This repository contains most of the code that I write for my blog posts. I realized I have random repositories on Github. I am consolidating them into one.

Individual Licenses

Most code in this repository is governed under the MIT. Some code may have a different license, check each directory for a license file.

Security Code

Security code will be mostly in https://github.com/parsiya/Go-Security.

Code Index

This table will help but may not be current. Look inside each individual directory to see the code.

• WinAppDbg Tutorials
• Proof of Concepts
  • Code WSL Remote RCE - CVE-2021-43907
• Semgrep
  • Semgrep Autofix
• Go
  • Cryptopals
  • Gophercises
  • Blackfriday and gographviz
  • Byte Wrangling and Windows Filetime
  • filePath.Ext notes
  • SANS Holiday Hack Challenge 2018
• Python
  • Hipchat Proxy
  • Malware Adventure
  • Customizing SimpleHTTPServer
  • pcap2csv
• .NET Remoting
• Burp
  • Cryptography in Python Burp Extensions
  • Hiding OPTIONS in Burp
  • Swing in Python Burp Extensions
  • Using Mozilla Rhino to Run JavaScript in Java
  • Java SQLite Test
• Cryptography
  • Cryptopals in C
  • Decrypting an Application's Encrypted Log
• Endpoint Discovery using Windows DNS Cache
• Octopress Image Popup Plugin Forked
• Calculator in C++

WinAppDbg Tutorials

Code for my set of WinAppDbg tutorials.

1. Copy the winappdbg directory to your Virtual Machine.
2. Install Python, WinAppDbg and other software using instructions in part 1.
3. Follow the tutorials and enjoy.
4. If code is wrong, make an issue here or yell at me on Twitter/email/etc.

• Part 1 - Basics
• Part 2 - Function Hooking and Others
• Part 3 - Manipulating Function Calls
• Part 4 - Bruteforcing FlareOn 2017 - Challenge 3

Proof of Concepts

Code WSL Remote RCE - CVE-2021-43907

See the blog at https://parsiya.net/blog/2021-12-20-rce-in-visual-studio-codes-remote-wsl-for-fun-and-negative-profit.

Also exists in https://github.com/parsiya/code-wsl-rce.

Semgrep

Semgrep Autofix

Practice rules and code for the blog A Hands-On Intro to Semgrep's Autofix.

Go

Go is dope, also see https://github.com/parsiya/Go-Security.

Cryptopals

Doing the Cryptopals challenges with lol no generics.

Gophercises

Gophercises by Jon Calhoun.

Blackfriday and gographviz

Code for blog post Blackfriday's Parser and Generating graphs with gographviz.

Byte Wrangling and Windows Filetime

Code for blog post Windows Filetime Timestamps and Byte Wrangling with Go.

filePath.Ext notes

Code for blog post filepath.Ext Notes.

SANS Holiday Hack Challenge 2018

See the write-up at:

• https://parsiya.net/blog/2019-01-15-sans-holiday-hack-challenge-2018-solutions/

Files:

• decrypt.go: Decrypts the password vault.
• cleaned-malware.ps1: Cleaned version of the PowerShell malware.

Python

Hipchat Proxy

Small proxy that I wrote for proxying Hipchat.

• Main blog post
  • Proxying Hipchat Part 3: SSL Added and Removed Here
• Related blogs:
  • Proxying Hipchat Part 1: Where did the Traffic Go?
  • Proxying Hipchat Part 2: So You Think You Can Use Burp?

Malware Adventure

Small text adventure written in Python using PAWS (Python Adventure Writing System). Created as part of the class activity for "Advanced Topics in Computer Security" in 2013 at Johns Hopkins.

PAWS 2.1 is a fork by Matthias C. Hormann at https://github.com/Moonbase59/PAWS. PAWS was originally created by Roger Plowman.

• Blog post
  • Malware Adventure
• Github repository (because there are links to it)
  • https://github.com/parsiya/malwareadventure

Customizing SimpleHTTPServer

Code for the blog post Customizing Python's SimpleHTTPServer.

pcap2csv

A few python scripts to extract information from pcap files to csv.

.NET Remoting

Code and example program used in:

• Intro to .NET Remoting for Hackers

Burp

Mostly Burp extension code.

Cryptography in Python Burp Extensions

Code and example program used in:

• Cryptography in Python Burp Extensions

Hiding OPTIONS in Burp

Code used in:

• Hiding OPTIONS - An Adventure in Dealing with Burp Proxy in an Extension

Swing in Python Burp Extensions

• Part 1 blog: Swing in Python Burp Extensions - Part 1
  • https://parsiya.net/blog/2019-11-04-swing-in-python-burp-extensions-part-1/
  • Part 1 code
• Part 2 blog:
  • Swing in Python Burp Extensions - Part 2 - NetBeans and TableModels
  • https://parsiya.net/blog/2019-11-11-swing-in-python-burp-extensions-part-2-netbeans-and-tablemodels/
  • Part 2 code

Using Mozilla Rhino to Run JavaScript in Java

Code used in:

• Using Mozilla Rhino to Run JavaScript in Java

Java SQLite Test

Sample code to learn how to interact with a SQLite database in Java with org.xerial.sqlite-jdbc.

Cryptography

Cryptopals in C

Doing the first few cryptopals challenges in C (why?!).

Decrypting an Application's Encrypted Log

This code decrypts an application's logs. It uses the Mersenne Twister Engine with a specific seed to create a key stream. See the blog post at:

• The Encrypted Logz - Some Simple Reverse Engineering.

Endpoint Discovery using Windows DNS Cache

A couple of PowerShell scripts that use the Windows DNS cache to discover application endpoints.

• Blog post: Thick Client Proxying - Part 9 - The Windows DNS Cache

Octopress Image Popup Plugin Forked

This is a fork of the Octopress Image Popup Plugin at https://github.com/ctdk/octopress-image-popup by Jeremy Bingham. The original instructions did not work for me out of the box so I made some minor changes. Because it has a different license, I am keeping it in a separate repository.

• Blog post
  • Image Popup and Octopress.

Calculator in C++

I found this code in an old archive. It's some calculator I wrote back in undergrad. It draws shapes on the screen and depending on where you click, you get a number. Pretty much all of it was done manually. The only thing I remember, is that I needed to have C:\\egavga.bgi for it to work. Fun times.