😴
Playing with memory regions...

Layle | Luca ioncodes

@aaaddress1
aaaddress1 / veh_AmsiBypass.cpp
Created July 20, 2021 03:07
(VEH) AMSI Bypass without Memory Patch
// Exception-Based AMSI Bypass
// by aaaddress1@chroot.org
#include <amsi.h>
#include <iostream>
#include <Windows.h>
#pragma comment(lib, "amsi.lib")
#pragma comment(lib, "ole32.lib")
#pragma warning( disable : 4996 )
#define AMSIPROJECTNAME L"scanner"
@stevemk14ebr
stevemk14ebr / stpgetargtype_dump.json
Created April 11, 2021 18:15
DTrace's StpGetArgType accesses a metadata table that stores complete arg type information for every syscall.
[
  [
    "NtLockProductActivationKeys",
    [
      "UInt32 *",
      "UInt32 *"
    ]
  ],
  [
    "NtLockProductActivationKeys",
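A worked example of consuming a dump in this shape, added here and not part of stevemk14ebr's gist: it loads the [name, [types]] pairs into a lookup table, reports names whose repeated entries disagree (the preview shows the same name twice), and uses the recorded types to render raw syscall argument values so that pointer-typed arguments are flagged for dereferencing by a tracer. The sample dump is constructed; only the NtLockProductActivationKeys entry comes from the page, and the NtExample_* syscalls and the "Void *" / "Int64 *" type spellings are assumptions.

```python
import json

# Constructed sample in the shape of stpgetargtype_dump.json: a JSON array of
# [syscall_name, [arg_type, ...]] pairs. Only the NtLockProductActivationKeys
# entry is taken from the page (the preview shows that name twice, which the
# sample reproduces); the NtExample_* entries are made up to exercise the code.
SAMPLE_DUMP = json.dumps([
    ["NtLockProductActivationKeys", ["UInt32 *", "UInt32 *"]],
    ["NtLockProductActivationKeys", ["UInt32 *", "UInt32 *"]],
    ["NtExample_NoArgs", []],
    ["NtExample_Mixed", ["Void *", "UInt32", "Int64 *"]],
    ["NtExample_Mixed", ["Void *", "UInt32"]],   # conflicting repeat
])


def load_arg_types(text):
    """Build {syscall: [arg types]} from the dump. The first definition of a
    name wins; names whose later entries disagree are returned separately so a
    bad dump is noticed instead of silently decoding with the wrong types."""
    table, conflicts = {}, []
    for name, arg_types in json.loads(text):
        if name in table:
            if table[name] != arg_types and name not in conflicts:
                conflicts.append(name)
            continue
        table[name] = list(arg_types)
    return table, conflicts


def is_pointer(type_name):
    """Types in the dump spell pointers with a trailing '*'."""
    return type_name.rstrip().endswith("*")


def decode_call(table, name, raw_args):
    """Pair the raw register/stack values captured for a syscall with their
    declared types. Returns [(type, rendered value, needs_deref)]; pointer
    arguments are rendered as addresses and flagged, since the interesting
    value lives in target memory. Raises if the argument count is wrong,
    which usually means the dump and the traced OS build do not match."""
    arg_types = table[name]
    if len(raw_args) != len(arg_types):
        raise ValueError(f"{name}: expected {len(arg_types)} args, got {len(raw_args)}")
    decoded = []
    for type_name, value in zip(arg_types, raw_args):
        if is_pointer(type_name):
            decoded.append((type_name, f"0x{value:x}", True))
        else:
            decoded.append((type_name, str(value), False))
    return decoded


def pointer_arg_count(table):
    """Number of syscalls taking at least one pointer argument; a quick
    sanity statistic when checking a freshly generated dump."""
    return sum(1 for args in table.values() if any(is_pointer(t) for t in args))


if __name__ == "__main__":
    table, conflicts = load_arg_types(SAMPLE_DUMP)
    print(f"{len(table)} syscalls, {pointer_arg_count(table)} with pointer args, "
          f"conflicting entries: {conflicts}")
    for arg in decode_call(table, "NtLockProductActivationKeys", [0x7FFE0000, 0]):
        print(arg)
```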
@ecthiender
ecthiender / doom_emacs_for_haskell.md
Last active June 7, 2024 04:28
Step-by-step instructions to set up Doom Emacs for Haskell + Haskell Language Server (LSP)

Install doom emacs

git clone --depth 1 https://github.com/hlissner/doom-emacs ~/.emacs.d
cd ~/.emacs.d
bin/doom install

Optional

@nstarke
nstarke / 01-reversing-cisco-ios-raw-binary-firmware-images-with-ghidra.md
Last active June 5, 2024 19:01
Reversing Cisco IOS Raw Binary Firmware Images with Ghidra

Reversing Raw Binary Firmware Files in Ghidra

This brief tutorial shows how to analyze a raw binary firmware image in Ghidra.

Prep work in Binwalk

I was recently interested in reversing some older Cisco IOS images. Those images come as a single binary blob, without an ELF, Mach-O, or PE header to describe the binary.

While I am using Cisco IOS images in this example, the same process should apply to other raw binary firmware images.
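The prep work a practitioner does before the Ghidra import, as an added example that is not part of nstarke's tutorial: a small scanner in the spirit of binwalk's signature and entropy scans that locates gzip, zlib and bzip2 streams inside a raw blob and carves the ones that decompress cleanly, so that the uncompressed payload rather than the loader wrapper is what gets loaded into Ghidra. The image it runs on is constructed inline (a zero-padded loader stub followed by a zlib-compressed payload and padding) and is not a Cisco image; the signature table and the 256-byte entropy window are my choices.

```python
import bz2
import math
import zlib

# Magic bytes of the compressed streams most often wrapped inside raw firmware
# blobs (the same kinds of signature binwalk reports). Assumed table, not exhaustive.
SIGNATURES = {
    b"\x1f\x8b\x08": "gzip",
    b"BZh": "bzip2",
    b"\x78\x01": "zlib",
    b"\x78\x5e": "zlib",
    b"\x78\x9c": "zlib",
    b"\x78\xda": "zlib",
}


def shannon_entropy(block):
    """Bits of entropy per byte: 0.0 for a single repeated value, 8.0 for uniform."""
    if not block:
        return 0.0
    counts = [0] * 256
    for b in block:
        counts[b] += 1
    n = len(block)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def entropy_profile(blob, window=256):
    """(offset, entropy) per window. Compressed or encrypted regions sit near 8.0;
    code and tables are well below that, which is the first hint of where a
    wrapper ends and a payload begins."""
    return [(off, shannon_entropy(blob[off:off + window]))
            for off in range(0, len(blob), window)]


def find_signatures(blob):
    """Every offset at which a known magic appears, sorted by offset."""
    hits = []
    for magic, fmt in SIGNATURES.items():
        start = 0
        while (idx := blob.find(magic, start)) >= 0:
            hits.append((idx, fmt))
            start = idx + 1
    return sorted(hits)


def try_extract(blob, offset, fmt):
    """Decompress the stream starting at offset. Returns (payload, compressed
    length) only if the whole stream decodes, checksum included; a magic that
    appears by chance inside other data fails here and is dropped."""
    data = blob[offset:]
    try:
        if fmt == "bzip2":
            d = bz2.BZ2Decompressor()
        else:
            d = zlib.decompressobj(31 if fmt == "gzip" else 15)  # 31 = gzip wrapper
        payload = d.decompress(data)
    except (zlib.error, OSError, ValueError, EOFError):
        return None
    if not d.eof:   # truncated stream or false-positive magic
        return None
    return payload, len(data) - len(d.unused_data)


def carve(blob):
    """Signature hits that decompress cleanly, with their extents in the blob."""
    found = []
    for offset, fmt in find_signatures(blob):
        result = try_extract(blob, offset, fmt)
        if result is not None:
            payload, consumed = result
            found.append({"offset": offset, "format": fmt,
                          "compressed_size": consumed, "data": payload})
    return found


def build_sample_image():
    """Constructed stand-in for a raw firmware blob (not a real Cisco image):
    a low-entropy loader stub, a zlib-compressed payload, trailing 0xff padding."""
    stub = b"\x00" * 64 + b"LOADER STUB " * 8 + b"\x00" * 52
    payload = b"".join(b"firmware function %04d\n" % i for i in range(400))
    compressed = zlib.compress(payload, 9)   # level 9 gives the 78 da header
    return stub + compressed + b"\xff" * 128, payload, len(stub), len(compressed)


if __name__ == "__main__":
    image, _, _, _ = build_sample_image()
    for off, ent in entropy_profile(image):
        print(f"{off:#08x}  entropy {ent:.2f}")
    for hit in carve(image):
        print(f"{hit['format']} at {hit['offset']:#x}, {hit['compressed_size']} bytes "
              f"-> {len(hit['data'])} bytes uncompressed")
```

To use it on a real image, replace build_sample_image() with open(path, "rb").read(); the offsets it reports are what you hand to dd (or use to pick the region to import), and the carved payload is the raw binary you then load into Ghidra with the right processor and base address.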

@7MinSec
7MinSec / Password_cracking_in_the_cloud.md
Last active August 24, 2023 14:24
Password cracking in the cloud
@herrcore
herrcore / HexCopy.py
Last active November 11, 2021 10:57
IDA Plugin for quickly copying disassembly as encoded hex bytes (updated for IDA 7xx) - moved https://github.com/OALabs/hexcopy-ida
Moved: https://github.com/OALabs/hexcopy-ida
@oznu
oznu / README.md
Last active July 18, 2024 05:32
QEMU + Ubuntu ARM aarch64

QEMU + Ubuntu ARM aarch64

These are the steps I used to get Ubuntu ARM aarch64 running with QEMU on OSX.

Get Ubuntu Image and QEMU EFI:

wget https://cloud-images.ubuntu.com/releases/16.04/release/ubuntu-16.04-server-cloudimg-arm64-uefi1.img
wget https://releases.linaro.org/components/kernel/uefi-linaro/latest/release/qemu64/QEMU_EFI.fd
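An added example, not part of oznu's gist, that assembles the QEMU invocation for the two files fetched above. The cloud image has no login configured, so the example also writes a cloud-init NoCloud user-data/meta-data pair, packed into a seed disk with cloud-localds from cloud-image-utils (an assumption about the tooling installed), that gives the stock ubuntu user an SSH key. The machine model (virt), the CPU (cortex-a57, or the host CPU under HVF on macOS), the virtio devices, the 2222 host port forward and the hypothetical seed.img file name are my choices.

```python
import os
import shlex
import subprocess

# File names match the two wget commands above.
IMG = "ubuntu-16.04-server-cloudimg-arm64-uefi1.img"
EFI = "QEMU_EFI.fd"
SEED = "seed.img"   # assumption: NoCloud seed disk produced by seed_command() below


def cloud_init_files(hostname, ssh_pubkey):
    """NoCloud user-data and meta-data. The cloud image ships with no usable
    login, so cloud-init must create one on first boot; the stock 'ubuntu'
    user gets an SSH key rather than a password."""
    user_data = "\n".join([
        "#cloud-config",
        f"hostname: {hostname}",
        "users:",
        "  - name: ubuntu",
        "    sudo: ALL=(ALL) NOPASSWD:ALL",
        "    shell: /bin/bash",
        "    ssh_authorized_keys:",
        f"      - {ssh_pubkey}",
        "",
    ])
    meta_data = f"instance-id: {hostname}-01\nlocal-hostname: {hostname}\n"
    return user_data, meta_data


def seed_command(seed_path, user_data_path, meta_data_path):
    """cloud-localds (cloud-image-utils) packs the two files into a small disk
    image labelled 'cidata', which is how cloud-init finds a NoCloud seed."""
    return ["cloud-localds", seed_path, user_data_path, meta_data_path]


def qemu_argv(img, efi, seed, memory_mb=1024, cpus=2, ssh_port=2222, accel=None):
    """Build the qemu-system-aarch64 command line.

    -M virt is the generic Arm machine the UEFI firmware targets; -bios loads
    the Linaro EDK2 image; disks and NIC are virtio devices, which the Ubuntu
    arm64 kernel supports out of the box. With accel="hvf" (macOS) the guest
    runs on the host CPU instead of an emulated Cortex-A57.
    """
    argv = ["qemu-system-aarch64", "-M", "virt"]
    if accel:
        argv += ["-accel", accel, "-cpu", "host"]
    else:
        argv += ["-cpu", "cortex-a57"]
    argv += [
        "-smp", str(cpus), "-m", str(memory_mb),
        "-bios", efi,
        # root disk: the Ubuntu cloud image is qcow2
        "-drive", f"if=none,file={img},format=qcow2,id=hd0",
        "-device", "virtio-blk-device,drive=hd0",
        # cloud-init seed disk (raw image written by cloud-localds)
        "-drive", f"if=none,file={seed},format=raw,id=cidata",
        "-device", "virtio-blk-device,drive=cidata",
        # user-mode networking; host port ssh_port -> guest sshd
        "-netdev", f"user,id=net0,hostfwd=tcp::{ssh_port}-:22",
        "-device", "virtio-net-device,netdev=net0",
        "-nographic",
    ]
    return argv


if __name__ == "__main__":
    # assumption: the key to inject is in $SSH_PUBKEY or ~/.ssh/id_ed25519.pub
    pubkey = os.environ.get("SSH_PUBKEY") or open(
        os.path.expanduser("~/.ssh/id_ed25519.pub")).read().strip()
    user_data, meta_data = cloud_init_files("armvm", pubkey)
    with open("user-data", "w") as f:
        f.write(user_data)
    with open("meta-data", "w") as f:
        f.write(meta_data)
    subprocess.run(seed_command(SEED, "user-data", "meta-data"), check=True)
    argv = qemu_argv(IMG, EFI, SEED, accel=os.environ.get("QEMU_ACCEL"))
    print(shlex.join(argv))
    os.execvp(argv[0], argv)   # then: ssh -p 2222 ubuntu@localhost
```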
@yupferris
yupferris / mt.rs
Last active August 20, 2018 08:44
Mario's Tennis graphics decompression routine in Rust-like pseudo-code. Manual decompilation is a bitch. :)
fn decompress(mut src: *const u8, dst: *mut u8) {
    // Skip first 2 bytes (they're always zero)
    src += 2;
    let original_dst = dst;
    // Load bytes_left
    let mut bytes_left = ((*src as i32) << 8) + 1;
    src += 1;
    bytes_left += *src as i32;
@ThunderCls
ThunderCls / visual_studio_dark_theme.ini
Last active June 19, 2024 01:48
Visual Studio Dark Theme by ThunderCls (http://i.imgur.com/auzFPxf.png)
[Colors]
AbstractTableViewBackgroundColor=#252526
AbstractTableViewHeaderTextColor=#000000
AbstractTableViewSelectionColor=#323238
AbstractTableViewSeparatorColor=#64646F
AbstractTableViewTextColor=#E8EADE
DisassemblyAddressBackgroundColor=#XXXXXX
DisassemblyAddressColor=#BD63C5
DisassemblyAutoCommentBackgroundColor=#XXXXXX
DisassemblyAutoCommentColor=#787878