This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
template<typename T, typename U> | |
static const T* stristr(const T* string, const T* substring, U(*tolwr)(U)) | |
{ | |
const T *a, *b; | |
b = substring; | |
if(*b == 0) | |
return string; | |
for(; *string != 0; string += 1) | |
{ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
BOOL RtlEndsWithUnicodeString(PUNICODE_STRING Source, PUNICODE_STRING Find) | |
{ | |
if (Source->Length == Find->Length || | |
(Find->Length > Source->Length)) | |
{ | |
//do a regular RtlEqualUnicodeString? | |
return FALSE; | |
} | |
USHORT bytesDif = Source->Length - Find->Length; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"configurations": [ | |
{ | |
"name": "Mac", | |
"includePath": ["/usr/include"], | |
"browse" : { | |
"limitSymbolsToIncludedHeaders" : true, | |
"databaseFilename" : "" | |
} | |
}, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<# | |
.Synopsis | |
Scans a host or network for the MS17-010 vulnerability | |
.DESCRIPTION | |
This script will use a custom NMap NSE script to scan a destination host on | |
port 445 for the MS17-010 vulnerability. If the host is not online or is blocking | |
SMB, this script will report no vulnerabilities. | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
OVERVIEW: LLVM 'Clang' Compiler: http://clang.llvm.org | |
USAGE: clang -cc1 [options] <inputs> | |
OPTIONS: | |
-### Print the commands to run for this compilation | |
--analyze Run the static analyzer | |
--migrate Run the migrator | |
--relocatable-pch Build a relocatable precompiled header | |
--serialize-diagnostics <value> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#pragma once | |
#include <windows.h> | |
enum HWBP_MODE | |
{ | |
MODE_DISABLED = 0, //00 | |
MODE_LOCAL = 1, //01 | |
MODE_GLOBAL = 2 //10 | |
}; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#pragma once | |
#include <windows.h> | |
enum HWBP_MODE | |
{ | |
MODE_DISABLED = 0, //00 | |
MODE_LOCAL = 1, //01 | |
MODE_GLOBAL = 2 //10 | |
}; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### Keybase proof | |
I hereby claim: | |
* I am blaquee on github. | |
* I am gandolf (https://keybase.io/gandolf) on keybase. | |
* I have a public key whose fingerprint is 0616 BB6B 0922 B86F E26E 73FC 0F04 EF14 D247 DB3E | |
To claim this, I am signing this object: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
''' | |
IDAPython script that generates a YARA rule to match against the | |
basic blocks of the current function. It masks out relocation bytes | |
and ignores jump instructions (given that we're already trying to | |
match compiler-specific bytes, this is of arguable benefit). | |
If python-yara is installed, the IDAPython script also validates that | |
the generated rule matches at least one segment in the current file. | |
author: Willi Ballenthin <william.ballenthin@fireeye.com> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <windows.h> | |
#include <stdio.h> | |
static LPTOP_LEVEL_EXCEPTION_FILTER OldFilter; | |
static char callOrder[10] = ""; | |
int main() | |
{ | |
OldFilter = SetUnhandledExceptionFilter([](PEXCEPTION_POINTERS ExceptionInfo) -> LONG | |
{ |