Skip to content

Instantly share code, notes, and snippets.

View tree.js
// CC-BY: hasherezade (hasherezade.net)
function makeTree(height = 6)
{
var treeHtml="";
var width = 1;
var leaf = "###"
var snow = "-*-";
var snowC = 4;
@hasherezade
hasherezade / wchar_to_char.py
Last active Jun 2, 2016
Converts wide string to string
View wchar_to_char.py
#!/usr/bin/python
# CC-BY: hasherezade
"""Convert wchar string to char string"""
import argparse
def convert(data):
maxlen = len(data)
decoded = bytearray()
i = 0
@hasherezade
hasherezade / test.asm
Last active Jun 2, 2016
mini bootloader for educational purposes
View test.asm
; mini bootloader for educational purposes
; CC-BY: hasherezade
;
; compile:
; nasm test.asm -f bin -o test.bin
;
; Copy to flash disk (as root)
; example if the flash disk is /dev/sdb:
; dd if=test.bin of=/dev/sdb bs=512 count=1
;
@hasherezade
hasherezade / de-crypter1.cpp
Last active Jun 2, 2016
DeCrypter refactored
View de-crypter1.cpp
// XOR Crypter decoder
// CC-BY: hasherezade
// for Malwarebytes
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#ifdef _MSC_VER
#include <stdint.h>
View YOUR_FILES_ARE_ENCRYPTED.HTML
<!--
Take advantage of our affiliate-program!
We offer you 50% of our profits.
You can reach us via the bitmessage address:
BM-2cW44Yq9DWbHYnRSfzBLVxvE6WjadchNBt
----------------------------------------------------
Profitieren Sie von unserem Affiliate-Programm!
Wir bieten Ihnen 50% der erzielten Gewinne.
View xor_decoder.py
#!/usr/bin/python
import sys, argparse
import re
def get_bytes(buf):
if not buf:
return None
t = re.findall ('[0-9a-fA-F]{2}', buf)
byte_buf = []
@hasherezade
hasherezade / dyreza_decoder.py
Last active Jun 2, 2016
Dyreza resources decoders (as input use dumped resource files)
View dyreza_decoder.py
#!/usr/bin/python
"Decodes dyreza resources from the original Exe"
__AUTHOR__ = 'hasherezade'
import argparse
def decode(data, key_data):
decoded = bytearray()
i = 0
for i in range(0, len(data)):
@hasherezade
hasherezade / cnc_gen.py
Last active Jun 2, 2016
Script for finding XOR value used to calculate Bunitu CnC's IP
View cnc_gen.py
#!/usr/bin/env python2.7
"Script for finding XOR value used to calculate CnC's IP (for Bunitu)"
__AUTHOR__ = 'hasherezade'
__VERSION__ = '0.1'
import sys
import time
import struct
import socket
View file_sieve.py
#!/usr/bin/env python
"Copies/moves files from the list into the separate folder, CC-BY: hasherezade"
__VERSION__ = "0.1"
import sys
import os
import re
import argparse
View callRegTracer.py
#!/usr/bin/env python
"""
(c) hAsh, 2015 run via ImmunityDbg
"""
__VERSION__ = '0.3.1'
__AUTHOR__ = 'hAsh'
import immlib
import pefile