I hereby claim:
- I am still34 on github.
- I am stillaz (https://keybase.io/stillaz) on keybase.
- I have a public key ASAE-X_di9JfeZuuhsTXYifdFaPJ3Z5dS3mxCYEHyCz3-wo
To claim this, I am signing this object:
Still / Azaka Still34
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Made with <3 by Still/Azaka | |
| # https://links.azaka.fun | |
| #Requires -Module ps-menu | |
| #Requires -Version 7 | |
| $msftDocsCacheDir = [System.IO.Path]::Combine(($env:HOME ?? $env:USERPROFILE), '.msftdocs-cache') | |
| function Update-MsDocsCache | |
| { | |
| $win32Categories = "_ad", "_adam", "_rm", "_adsi", "_alljoyn", "_amsi", "_setup", "_recovery", "_audio", "_automat", "_bits", "_backup", "_battery", "_bltooth", "_bluetooth", "_cimfs", "_cimwin32", "_cloudapi", "_cos", "_com", "_cmpapi", "_coreaudio", "_fs", "_dedup", "_dataxchg", "_debug", "_dwm", "_devlic", "_winprog", "_deviceaccess", "_devinst", "_dlgbox", "_directmanipulation", "_direct2d", "_direct3d10", "_direct3d11", "_direct3d12", "_direct3d9", "_directcomp", "_directdraw", "_directml", "_directwrite", "_dxmath", "_display", "_dfs", "_msdtcwmi", "_dns", "_devtest", "_dxcore", "_direct3ddxgi", "_dhcp", "_enstor", "_etw", "_eventlogprov", "_eaphost", "_eap", "_cluswmi", "_clushyperv", "_fax", "_fsrm", "_gamemode", "_gamingdvcinfo", "_gdiplus", "_policy", "_gpmc", "_hcp" |
Still34
/ dump-ps1-to-exe.py
Last active
June 16, 2023 07:04
Dumps the inner scripts generated by Kodak Faith's PS1/BAT to EXE tool
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Made with <3 by Still/Azaka | |
| # https://links.azaka.fun | |
| import hashlib | |
| import logging | |
| import os | |
| import pathlib | |
| import re | |
| from cryptography.hazmat.primitives.ciphers import Cipher, algorithms | |
| import lief |
Still34
/ dark-malpedia.user.css
Created
June 8, 2021 08:07
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* ==UserStyle== | |
| @name Dark Malpedia | |
| @author Still | |
| @version 1.0.0 | |
| @license MIT | |
| @preprocessor default | |
| ==/UserStyle== */ | |
| @-moz-document domain("malpedia.caad.fkie.fraunhofer.de") { | |
| :root { | |
| --bg-color: hsl(212, 10%, 13%); |
Still34
/ resolve-address.py
Last active
January 12, 2021 10:44
— forked from xorhex/Resolve APIs - Code Snippet 2 - IDAPython script renaming the dword variables.
IDAPython Script for DWORD Renaming (Compatible with the Latest IDAPython)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import ida_idaapi, ida_kernwin, ida_bytes, ida_name | |
| import sys | |
| import random | |
| import re | |
| if sys.version_info.major == 3: | |
| import tkinter as tk | |
| from tkinter import filedialog | |
| else: | |
| import Tkinter, tkFileDialog |
Still34
/ ConvertTo-Gif.ps1
Created
December 16, 2019 10:11
Short PowerShell script to generate GIF from video
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function ConvertTo-Gif { | |
| [CmdletBinding()] | |
| param ( | |
| [ValidateScript( { test-path -LiteralPath $_ })] | |
| [Parameter(Mandatory = $true)] | |
| $File | |
| ) | |
| begin { | |
| # Check if ffmpeg is installed |
Still34
/ ais3-2019-forensics.md
Last active
July 31, 2019 08:32
Ransomware Analysis for AIS3 2019 Forensics
Dynamic analysis is used here first because it is already actively running on victim's machine, so we might as well start from there.
- Launch Process Hacker on the victim VM; an anomaly named
5D85C2C17D.execan be found in the process list. - The process is launched with the system, suggesting a daemon service or autorun registry is keeping the process persistent.
- WhatsInStartup confirms our suspicion
Still34
/ 0. Discord.NET FAQ.md
Last active
May 18, 2021 16:18
Discord.Net Frequently Asked Questions
Discord.Net | Repo | Docs | Support | Latest CI Artifacts | Build Logs
THIS FAQ IS DEPRECATED, PLEASE VISIT Discord.Net Nightly Documentation FOR THE MOST UP TO DATE VERSION.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Collections.Concurrent; | |
| using System.Collections.Generic; | |
| using System.Diagnostics; | |
| using System.Linq; | |
| using System.Threading.Tasks; | |
| namespace TPLPractice | |
| { | |
| public class Program |