Skip to content

Instantly share code, notes, and snippets.

View DiabloHorn's full-sized avatar

DiabloHorn DiabloHorn

168 followers · 0 following
View GitHub Profile
@DiabloHorn
DiabloHorn / PSCmdLineParser.cs
Created March 31, 2024 22:14
namespace DiabloHorn.PowerShell.ParseCommandLine
{
/*
https://powershell.one/powershell-internals/parsing-and-tokenization/simple-tokenizer
https://learn.microsoft.com/en-us/powershell/scripting/developer/hosting/windows-powershell01-sample?view=powershell-7.4
*/
using System;
using System.Collections.ObjectModel;
//dotnet add package System.Management.Automation (inside folder with .csproj)
using System.Management.Automation;
@DiabloHorn
DiabloHorn / example-plugin-logging.py
Created February 28, 2021 15:12
Example base class to build plugins with logging
# Example minimalistic plugin framework
# https://www.guidodiepen.nl/2019/02/implementing-a-simple-plugin-framework-in-python/
import logging
class BasePlugin(object):
"""
Example class just to remember about logging stuff
We want to override the default formatting of the main logger,
without removing it alltogether
@DiabloHorn
DiabloHorn / docker-compose.yaml
Last active May 1, 2020 23:05
docker compose to run elasticsearch and kibana
# Thank you @donnymaasland for this file
# memo to self:
# sudo docker-compose up
version: "3"
services:
elasticsearch:
image: elasticsearch:7.6.2
ports:
- 9200:9200
@DiabloHorn
DiabloHorn / gdb-session.fish
Created April 23, 2019 23:22 — forked from logc/gdb-session.fish
How to add a new structure to a GDB session
❯ gcc -g minimal.c -o minimal
❯ sudo gdb minimal
Password:
(gdb) break main
Breakpoint 1 at 0x100000f90: file minimal.c, line 3.
(gdb) run
Starting program: /private/tmp/c-repl/minimal
@DiabloHorn
DiabloHorn / mass_analysis_jar.sh
Created June 11, 2018 17:14
Decompile multiple jar files for analysis
#!/bin/bash
#DiabloHorn - https://diablohorn.com
#easy opengrok analysis of all decompiled source
# sudo docker run -v /home/me/Desktop/libanalysis/srces:/src -p 9000:8080 itszero/opengrok
# http://localhost:9000/source/
OUTPUTDIR="srces"
DECOMPATH="/home/me/tools/javadecomp"
DECOMBIN="cfr_0_130.jar"
@DiabloHorn
DiabloHorn / whitelist_finder.py
Created February 18, 2018 15:26
Identify whitelisted IP addresses using spoofing techniques in conjunction with arp poisoning
#!/usr/bin/env python
#DiabloHorn - https://diablohorn.com
#Find whitelisted IP addresses on a network & application level
import sys
import logging
import threading
import argparse
from scapy.all import *
@DiabloHorn
DiabloHorn / ChangePassword.java
Created January 23, 2018 00:18 — forked from zach-klippenstein/ChangePassword.java
The keystore password on Java keystore files is utterly pointless. You can reset it without knowing it, as shown by this code. Note that private keys are still secure, as far as I know. The JKS implementation is copyright Casey Marshall (rsdio@metastatic.org), and the original source is available at http://metastatic.org/source/JKS.java. I've in…
import java.util.*;
import java.io.*;
import java.security.*;
public class ChangePassword
{
private final static JKS j = new JKS();
public static void main(String[] args) throws Exception
{
@DiabloHorn
DiabloHorn / file_processor.py
Created January 16, 2018 01:09
#!/usr/bin/env python
#DiabloHorn - https://diablohorn.com
import sys
import os
import csv
import argparse
import shutil
try:
import magic
@DiabloHorn
DiabloHorn / Makefile.target
Created December 12, 2017 19:12
Reference files to expose a QEMU guest memory
# -*- Mode: makefile -*-
BUILD_DIR?=$(CURDIR)/..
include ../config-host.mak
include config-target.mak
include config-devices.mak
include $(SRC_PATH)/rules.mak
$(call set-vpath, $(SRC_PATH):$(BUILD_DIR))
@DiabloHorn
DiabloHorn / pe-aware-split.py
Created November 12, 2017 17:47
Split file while preserving PE format
#!/usr/bin/env python
# DiabloHorn https://diablohorn.com
# blank out bytes taking into account the PE file format
# input file: base64 malware.exe | rev > enc.txt
import sys
import os
#pip install pefile
import pefile
import argparse
import logging