genuine_ blaquee
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| template<typename T, typename U> | |
| static const T* stristr(const T* string, const T* substring, U(*tolwr)(U)) | |
| { | |
| const T *a, *b; | |
| b = substring; | |
| if(*b == 0) | |
| return string; | |
| for(; *string != 0; string += 1) | |
| { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| BOOL RtlEndsWithUnicodeString(PUNICODE_STRING Source, PUNICODE_STRING Find) | |
| { | |
| if (Source->Length == Find->Length || | |
| (Find->Length > Source->Length)) | |
| { | |
| //do a regular RtlEqualUnicodeString? | |
| return FALSE; | |
| } | |
| USHORT bytesDif = Source->Length - Find->Length; |
blaquee
/ c_cpp_properties.json
Created
July 10, 2017 18:13
— forked from chappjc/c_cpp_properties.json
VS Code C++ project properties for VS 2015 w/ Windows SDK 10.0
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "configurations": [ | |
| { | |
| "name": "Mac", | |
| "includePath": ["/usr/include"], | |
| "browse" : { | |
| "limitSymbolsToIncludedHeaders" : true, | |
| "databaseFilename" : "" | |
| } | |
| }, |
blaquee
/ Get-MS17010.ps1
Created
May 17, 2017 03:19
— forked from iwikmai/Get-MS17010.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .Synopsis | |
| Scans a host or network for the MS17-010 vulnerability | |
| .DESCRIPTION | |
| This script will use a custom NMap NSE script to scan a destination host on | |
| port 445 for the MS17-010 vulnerability. If the host is not online or is blocking | |
| SMB, this script will report no vulnerabilities. | |
blaquee
/ gist:3b07353b2b5710d5c19c304113742f83
Created
March 6, 2017 17:16
— forked from masuidrive/gist:5231110
clang options
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| OVERVIEW: LLVM 'Clang' Compiler: http://clang.llvm.org | |
| USAGE: clang -cc1 [options] <inputs> | |
| OPTIONS: | |
| -### Print the commands to run for this compilation | |
| --analyze Run the static analyzer | |
| --migrate Run the migrator | |
| --relocatable-pch Build a relocatable precompiled header | |
| --serialize-diagnostics <value> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #pragma once | |
| #include <windows.h> | |
| enum HWBP_MODE | |
| { | |
| MODE_DISABLED = 0, //00 | |
| MODE_LOCAL = 1, //01 | |
| MODE_GLOBAL = 2 //10 | |
| }; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #pragma once | |
| #include <windows.h> | |
| enum HWBP_MODE | |
| { | |
| MODE_DISABLED = 0, //00 | |
| MODE_LOCAL = 1, //01 | |
| MODE_GLOBAL = 2 //10 | |
| }; |
blaquee
/ keybase.io
Created
September 6, 2016 17:17
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Keybase proof | |
| I hereby claim: | |
| * I am blaquee on github. | |
| * I am gandolf (https://keybase.io/gandolf) on keybase. | |
| * I have a public key whose fingerprint is 0616 BB6B 0922 B86F E26E 73FC 0F04 EF14 D247 DB3E | |
| To claim this, I am signing this object: |
blaquee
/ yara_fn.py
Created
August 25, 2016 00:37
— forked from williballenthin/yara_fn.py
generate a yara rule that matches the basic blocks of the current function in IDA Pro
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| IDAPython script that generates a YARA rule to match against the | |
| basic blocks of the current function. It masks out relocation bytes | |
| and ignores jump instructions (given that we're already trying to | |
| match compiler-specific bytes, this is of arguable benefit). | |
| If python-yara is installed, the IDAPython script also validates that | |
| the generated rule matches at least one segment in the current file. | |
| author: Willi Ballenthin <william.ballenthin@fireeye.com> |
blaquee
/ main.cpp
Created
February 9, 2016 12:29
— forked from mrexodia/main.cpp
ExceptionHandlerTest
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <windows.h> | |
| #include <stdio.h> | |
| static LPTOP_LEVEL_EXCEPTION_FILTER OldFilter; | |
| static char callOrder[10] = ""; | |
| int main() | |
| { | |
| OldFilter = SetUnhandledExceptionFilter([](PEXCEPTION_POINTERS ExceptionInfo) -> LONG | |
| { |