Skip to content

Instantly share code, notes, and snippets.

Avatar
🕵️
haxing

alan ex0dus-0x

🕵️
haxing
View GitHub Profile
View callgraph.c
/*
* callgraph.c
*
* Subroutine-rich sample to help testing
* any type of analysis tooling involving callgraphs,
* whether static or dynamic.
*
* Each function implements some type of edge case
* that one may want to consider covering in their tool,
* such as function pointers.
@ex0dus-0x
ex0dus-0x / memfd_unpack.py
Last active Nov 3, 2022
Unpacking memfd malware with Qiling
View memfd_unpack.py
#!/usr/bin/env python3
"""
memfd_unpack.py
AUTHOR
Alan <ex0dus-0x>
DESCRIPTION
Using Qiling to unpack and decompress a sample being loaded
and executed in-memory.
@ex0dus-0x
ex0dus-0x / Vagrantfile
Created Feb 24, 2020
Personal vagrantfile
View Vagrantfile
# encoding: utf-8
# -*- mode: ruby -*-
# vi: set ft=ruby :
VAGRANT_BOX = 'bento/ubuntu-18.10'
VM_NAME = 'vagrant'
VM_USER = 'vagrant'
MAC_USER = 'alan'
HOST_PATH = '/Users/' + MAC_USER + '/Code/'
@ex0dus-0x
ex0dus-0x / test.c
Last active Mar 10, 2021
Throwing the KLEE symbolic execution engine against crypto libraries
View test.c
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include "monocypher/monocypher.c"
#include "tweetnacl/tweetnacl.h"
#include <klee/klee.h>
int
main(int argc, char **argv)
View bench_internal.c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <stdlib.h>
#include "include/secp256k1.h"
#include "field_impl.h"
#include "secp256k1.c"