Skip to content

Instantly share code, notes, and snippets.

View secdev02's full-sized avatar

Casey secdev02

8 followers · 0 following
View GitHub Profile
@secdev02
secdev02 / game.py
Created June 12, 2025 04:26
SHALL WE PLAY A GAME?
#!/usr/bin/env python3
"""
Script to compute a public key on secp256k1 using a custom generator point.
"""
import hashlib
import base58
# secp256k1 curve parameters
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F # Field prime
@secdev02
secdev02 / Explainit.md
Created June 7, 2025 16:32
Mathematical Curiousity -

Shared Bits in secp###k1 Curves: A Cryptographic Vulnerability

This appears to be highlighting a significant cryptographic vulnerability in the secp256k1 and related elliptic curve implementations.

The Core Issue

The shared bit pattern 48ce563f89a0ed9414f5aa28ad0d96d6795f9c62 appears across multiple secp curves (160k1, 192k1, 224k1, 256k1), and as you noted, this looks suspiciously like a SHA-1 hash output.

Why This Is Problematic

@secdev02
secdev02 / Inject.cs
Created May 15, 2025 04:27 — forked from infosecn1nja/Inject.cs
DotNetToJScript Build Walkthrough
using System;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System.Text;
public class TestClass
{
public TestClass()
{}
@secdev02
secdev02 / Update_Notes.md
Created April 24, 2025 22:19 — forked from mgeeky/Update_Notes.md
You have found THE coolest gist :) Come to DerbyCon to learn more. Loading .NET Assemblies into Script Hosts - Abusing System32||SysWow64\Tasks writable property

Using Hard Links to point back to attacker controlled location.

mklink /h C:\Windows\System32\Tasks\tasks.dll C:\Tools\Tasks.dll
Hardlink created for C:\Windows\System32\Tasks\tasks.dll <<===>> C:\Tools\Tasks.dll

This can redirect the search to an arbitrary location and evade tools that are looking for filemods in a particular location.

xref: https://googleprojectzero.blogspot.com/2015/12/between-rock-and-hard-link.html

@secdev02
secdev02 / ServiceAlertTest.ps1
Last active April 23, 2025 15:16
Windows Event 7045 Test
# Create a directory to store our files
$workingDir = "C:\ServiceTest"
if (!(Test-Path $workingDir)) {
New-Item -ItemType Directory -Path $workingDir
}
# Create the C# service code
$serviceCode = @'
@secdev02
secdev02 / TexasHoldem.html
Created April 11, 2025 22:22
An AI generated Texas Holdem Simulator written by Claude, to demonstrate and teach with.
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Texas Hold'em Poker Simulator</title>
<style>
body {
font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
max-width: 1000px;
@secdev02
secdev02 / service.c
Created February 24, 2025 16:57
RPC Service -
#include <stdio.h>
#include <windows.h>
// rpc command ids
#define RPC_CMD_ID_OPEN_SC_MANAGER 27
#define RPC_CMD_ID_CREATE_SERVICE 24
#define RPC_CMD_ID_START_SERVICE 31
#define RPC_CMD_ID_DELETE_SERVICE 2
// rpc command output lengths
@secdev02
secdev02 / pshell.xml
Created February 14, 2025 00:01 — forked from clr2of8/pshell.xml
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<!-- This inline task executes c# code. -->
<!-- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\msbuild.exe pshell.xml -->
<!-- Author: Casey Smith, Twitter: @subTee -->
<!-- License: BSD 3-Clause -->
<Target Name="Hello">
<FragmentExample />
<ClassExample />
</Target>
<UsingTask
@secdev02
secdev02 / crypto.py
Created February 4, 2025 14:06 — forked from NeilMadden/crypto.py
A Lazy Developer’s Guide to Modern Cryptography
#!/usr/bin/env python3
# Copyright 2024 Neil Madden.
# License: https://creativecommons.org/licenses/by-sa/4.0/deed.en.
# Like this? I do training courses & consultancy:
# https://illuminated-security.com/
import hashlib
import math
import os
@secdev02
secdev02 / priv_to_pub.py
Created February 2, 2025 18:37 — forked from Nikolaj-K/priv_to_pub.py
priv-key to pub-key on the Bitcoin elliptic curve
"""
Bitcoin elliptic curve pub-key from priv-key in raw python, as dicusssed in the video
https://youtu.be/RZzB-vPFYmo
This is a follow-up to the previous video
https://youtu.be/LYN3h5DjeXw
This script is directly based off
https://github.com/peterscott78/offline_signer/blob/master/ecdsa_keys.py