Just some notes and references for myself.
- In bash, you can access your
C:\drive via/mnt/c/ ~=C:\Users\MLM\AppData\Local\lxss\home\mlmand is different from your Windows user directoryC:\Users\MLM
genuine_ blaquee
iwikmai
/ Get-MS17010.ps1
Last active
December 22, 2023 05:50
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .Synopsis | |
| Scans a host or network for the MS17-010 vulnerability and output results as a | |
| table that you can pipe to other PowerShell functions such as Invoke-Command or | |
| Export-CSV. | |
| .DESCRIPTION | |
| This script will use a custom NMap NSE script to scan a destination host on | |
| port 445 for the MS17-010 vulnerability. If the host is not online or is blocking |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include "stdafx.h" | |
| #include "HideModule.h" | |
| std::vector<UNLINKED_MODULE> UnlinkedModules; | |
| void RelinkModuleToPEB(HMODULE hModule) | |
| { | |
| std::vector<UNLINKED_MODULE>::iterator it = std::find_if(UnlinkedModules.begin(), UnlinkedModules.end(), FindModuleHandle(hModule)); | |
| if (it == UnlinkedModules.end()) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import os | |
| import sys | |
| import os.path | |
| import site | |
| try: | |
| import binaryninja | |
| print "Binary Ninja API Installed" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <windows.h> | |
| #include <stdio.h> | |
| static int data[1] __attribute__((aligned(4096))) = {1}; | |
| int main() | |
| { | |
| MEMORY_BASIC_INFORMATION info; | |
| VirtualQuery(&data, &info, sizeof(info)); | |
| printf("%d\n", info.Protect==PAGE_WRITECOPY); |
williballenthin
/ yara_fn.py
Last active
December 4, 2020 05:25
generate a yara rule that matches the basic blocks of the current function in IDA Pro
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| IDAPython script that generates a YARA rule to match against the | |
| basic blocks of the current function. It masks out relocation bytes | |
| and ignores jump instructions (given that we're already trying to | |
| match compiler-specific bytes, this is of arguable benefit). | |
| If python-yara is installed, the IDAPython script also validates that | |
| the generated rule matches at least one segment in the current file. | |
| author: Willi Ballenthin <william.ballenthin@fireeye.com> |
MadLittleMods
/ lxss-wsl-bash-windows-tips.md
Last active
September 4, 2023 07:27
jNizM
/ NtQuerySystemInformation.h
Last active
November 6, 2023 04:19
Undocumented NtQuerySystemInformation Structures
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // http://www.exploit-monday.com/2013/06/undocumented-ntquerysysteminformation.html | |
| // ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// | |
| enum _SYSTEM_INFORMATION_CLASS | |
| { | |
| SystemBasicInformation = 0x0000, | |
| SystemProcessorInformation = 0x0001, | |
| SystemPerformanceInformation = 0x0002, | |
| SystemTimeOfDayInformation = 0x0003, |
C0deH4cker
/ syms.c
Created
March 20, 2016 03:21
Prints out the name, type, and value of every symbol in a Mach-O file, similar to nm.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // | |
| // main.c | |
| // macho-syms | |
| // | |
| // Created by C0deH4cker on 3/19/16. | |
| // Copyright © 2016 C0deH4cker. All rights reserved. | |
| // | |
| #include <stdio.h> | |
| #include <stdlib.h> |
kracekumar
/ Writing better python code.md
Last active
February 19, 2024 03:06
Talk I gave at June bangpypers meetup.
aras-p
/ preprocessor_fun.h
Last active
May 23, 2024 08:26
Things to commit just before leaving your job
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Just before switching jobs: | |
| // Add one of these. | |
| // Preferably into the same commit where you do a large merge. | |
| // | |
| // This started as a tweet with a joke of "C++ pro-tip: #define private public", | |
| // and then it quickly escalated into more and more evil suggestions. | |
| // I've tried to capture interesting suggestions here. | |
| // | |
| // Contributors: @r2d2rigo, @joeldevahl, @msinilo, @_Humus_, | |
| // @YuriyODonnell, @rygorous, @cmuratori, @mike_acton, @grumpygiant, |