hasherezade hasherezade

## local_llm.md

      
              2 files
            
          
              0 forks
            
          
                0 comments
              
            
              0 stars
            
          
                hasherezade
                / local_llm.md
            
            
              Last active
              June 12, 2026 18:53
            
              
                Local LLM cheat-sheet
              
          
    OLLAMA

Install

curl -fsSL https://ollama.com/install.sh | sh

Download model


## kvm-off.sh
#!/bin/bash
set -e

echo "[+] Disabling KVM modules..."

sudo modprobe -r kvm_intel 2>/dev/null || true
sudo modprobe -r kvm_amd 2>/dev/null || true
sudo modprobe -r kvm 2>/dev/null || true

echo "[✓] KVM disabled"

## talk_claude.py
#!/usr/bin/env python3

import os
import requests
import json

API_KEY = os.getenv("ANTHROPIC_API_KEY")
if not API_KEY:
    raise ValueError("Please set the ANTHROPIC_API_KEY environment variable.")

## ida_disasm_curr.py
# Walk current function and print its disassembly
import ida_funcs
import ida_kernwin
import idautils
import ida_lines
import idc

def print_func_disasm(ea=None):
    """
    Walks from the beginning to the end of the function containing `ea`

## params.txt
kernel32;LoadLibraryW;1
kernel32;LoadLibraryA;1
kernel32;GetProcAddress;2
advapi32;RegQueryValueW;3
advapi32;RegOpenKeyExW;5
advapi32;RegQueryValueExW;6
kernel32;CreateFileW;6
kernel32;VirtualProtect;4
wininet;InternetCrackUrlA;4
wininet;InternetOpenA;5

## delta_patch.py
import base64
import hashlib
import zlib
from ctypes import (
    CDLL,
    POINTER,
    LittleEndianStructure,
    c_size_t,
    c_ubyte,
    c_uint64,

## aplib_decompress.py
#!/usr/bin/env python3

import malduck
import sys
import argparse

def main():
    parser = argparse.ArgumentParser(description="APLib unpacker")
    parser.add_argument('--inpath', dest="inpath", default=None, help="APLib compressed blob",
                            required=True)

## AllocateLargePool.c
#include <windows.h>
#include <stdio.h>

#pragma comment(lib, "ntdll.lib")

#define SystemBigPoolInformation 0x42
#define ThreadNameInformation 0x26

#define DATA_TO_COPY "AAAAAAAAAAAAABBBBBBBBBBBBBBBCCCCCCCCCCCCCCCDDDDDDDDDDDDDDD"

## gui_threads.cpp
HANDLE find_thread(HANDLE hProcess, DWORD thAccess, bool guiOnly)
{
	DWORD targetPid = GetProcessId(hProcess);
	HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);
	THREADENTRY32 thEntry = { sizeof(THREADENTRY32) };

	GUITHREADINFO gui = { 0 };
	gui.cbSize = sizeof(GUITHREADINFO);

	bool isGUIProcess = false;

## PesieveLdr.go
package main

import (
	"fmt"
	"syscall"
	"unsafe"
)

var (
	peSieveDll  = syscall.NewLazyDLL("pe-sieve64.dll")
	#!/bin/bash
	set -e

	echo "[+] Disabling KVM modules..."

	sudo modprobe -r kvm_intel 2>/dev/null \|\| true
	sudo modprobe -r kvm_amd 2>/dev/null \|\| true
	sudo modprobe -r kvm 2>/dev/null \|\| true

	echo "[✓] KVM disabled"
	#!/usr/bin/env python3

	import os
	import requests
	import json

	API_KEY = os.getenv("ANTHROPIC_API_KEY")
	if not API_KEY:
	raise ValueError("Please set the ANTHROPIC_API_KEY environment variable.")
	# Walk current function and print its disassembly
	import ida_funcs
	import ida_kernwin
	import idautils
	import ida_lines
	import idc

	def print_func_disasm(ea=None):
	"""
	Walks from the beginning to the end of the function containing `ea`
	kernel32;LoadLibraryW;1
	kernel32;LoadLibraryA;1
	kernel32;GetProcAddress;2
	advapi32;RegQueryValueW;3
	advapi32;RegOpenKeyExW;5
	advapi32;RegQueryValueExW;6
	kernel32;CreateFileW;6
	kernel32;VirtualProtect;4
	wininet;InternetCrackUrlA;4
	wininet;InternetOpenA;5
	import base64
	import hashlib
	import zlib
	from ctypes import (
	CDLL,
	POINTER,
	LittleEndianStructure,
	c_size_t,
	c_ubyte,
	c_uint64,
	#!/usr/bin/env python3

	import malduck
	import sys
	import argparse

	def main():
	parser = argparse.ArgumentParser(description="APLib unpacker")
	parser.add_argument('--inpath', dest="inpath", default=None, help="APLib compressed blob",
	required=True)
	#include <windows.h>
	#include <stdio.h>

	#pragma comment(lib, "ntdll.lib")

	#define SystemBigPoolInformation 0x42
	#define ThreadNameInformation 0x26

	#define DATA_TO_COPY "AAAAAAAAAAAAABBBBBBBBBBBBBBBCCCCCCCCCCCCCCCDDDDDDDDDDDDDDD"
	HANDLE find_thread(HANDLE hProcess, DWORD thAccess, bool guiOnly)
	{
	DWORD targetPid = GetProcessId(hProcess);
	HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);
	THREADENTRY32 thEntry = { sizeof(THREADENTRY32) };

	GUITHREADINFO gui = { 0 };
	gui.cbSize = sizeof(GUITHREADINFO);

	bool isGUIProcess = false;
	package main

	import (
	"fmt"
	"syscall"
	"unsafe"
	)

	var (
	peSieveDll = syscall.NewLazyDLL("pe-sieve64.dll")