I hereby claim:
- I am cr0kz on github.
- I am cr0kz (https://keybase.io/cr0kz) on keybase.
- I have a public key ASD1SA5Q3uYnFzmWek0K3w4aHoJAWN4bqC3SliX_jVMv1Ao
To claim this, I am signing this object:
cr0Kz
/ loaded_psp_drivers.cpp
Created
August 3, 2023 11:47
— forked from jthuraisamy/loaded_psp_drivers.cpp
Loaded Security Product Drivers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <Windows.h> | |
| #include <ImageHlp.h> | |
| #include <strsafe.h> | |
| #include "loaded_psp_drivers.h" | |
| #include <set> | |
| #include <string> | |
| #include <algorithm> | |
| #pragma comment(lib, "crypt32.lib") |
cr0Kz
/ ExeMask.py
Created
July 18, 2023 03:28
— forked from aaaddress1/ExeMask.py
Strip your personal compile info from Exe Files
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import pefile, struct, sys | |
| if len(sys.argv) != 2: | |
| print(f"Strip your personal compile info from Exe Files by aaaddress1@chroot.org") | |
| print(f"Usage: {sys.argv[0]} [path/to/exe]") | |
| sys.exit(-1) | |
| # Rewrite from pefile: https://github.com/erocarrera/pefile/blob/593d094e35198dad92aaf040bef17eb800c8a373/pefile.py#L3402 | |
| def mask_myRichHdr(in_pefile): | |
| DANS = 0x536E6144 # 'DanS' as dword |
cr0Kz
/ Scan-LOLDrivers.ps1
Created
July 16, 2023 23:16
— forked from IISResetMe/Scan-LOLDrivers.ps1
it works - but use with caution :) it's a bit noisy and I think it's broken
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Scan-LOLDrivers { | |
| param( | |
| [Parameter(Mandatory = $true)] | |
| [string]$path | |
| ) | |
| Add-Type -TypeDefinition @" | |
| using System; | |
| using System.Security.Cryptography; | |
| using System.Security.Cryptography.X509Certificates; |
cr0Kz
/ no_strings.hpp
Created
November 20, 2022 06:10
— forked from EvanMcBroom/no_strings.hpp
Encrypt Strings at Compile Time
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Copyright (C) 2022 Evan McBroom | |
| // If you are using Visual Studio, you will need to disable the "Edit and Continue" feature. | |
| // Prng based off of Parker Miller's | |
| // "Multiplicative Linear Congruential Generator" | |
| // https://en.wikipedia.org/wiki/Lehmer_random_number_generator | |
| namespace mlcg { | |
| constexpr uint32_t modulus() { | |
| return 0x7fffffff; | |
| } |
cr0Kz
/ keybase.md
Created
December 18, 2021 04:38