Jan jgru

@jgru
jgru / BlackMatterApiHashing.java
Last active January 11, 2022 15:55
BlackMatterApiHashing
//@author jgru (building on a script by larsborn)
//@category _NEW_
//@keybinding
//@menupath
//@toolbar
import java.io.File;
import java.io.IOException;
import java.nio.charset.Charset;
import java.nio.file.Files;
@jgru
jgru / toS3.py
Created December 21, 2021 06:01
Helper script to upload `STDIN` directly to AWS S3 storage by utilizing `boto`
#!/usr/bin/env python3
# Perform a multipart upload to Amazon S3 of data read from stdin.
#
# Example usage:
# tar -C / -cpjO /home | toS3 -k aws.key -b com-example-backup -o home.tar.bz2
#
# Originally from
# https://www.vennedey.net/blog/1-Pipe-data-from-STDIN-to-Amazon-S3
# Adapted to python3
@jgru
jgru / opendetex.org
Last active November 16, 2021 19:22
Dockerized Detex - a utility for extracting plain text from TeX and LaTeX sources

How to use detex

Create or download Dockerfile:

cat > Dockerfile <<EOF
FROM debian:bookworm-slim
WORKDIR /usr/local/src
RUN apt-get update -y && apt-get install -y gcc make git flex
RUN git clone https://github.com/pkubowicz/opendetex.git
RUN cd /usr/local/src/opendetex && make all && make install
@jgru
jgru / how-to-compile-tsk-on-win.org
Last active October 15, 2021 09:56
Build Sleuthkit (and fiwalk) on Windows 10 with MSYS2 MinGW


  1. Follow installation instructions at https://www.msys2.org/ to install the minimum GNU for Windows toolchain
  2. Get the sleuthkit sources and extract them
    Invoke-WebRequest -Uri https://github.com/sleuthkit/sleuthkit/archive/refs/tags/sleuthkit-4.11.0.zip -OutFile ".\sleuthkit-4.11.0.zip"
    Expand-Archive .\sleuthkit-4.11.0.zip
        
  3. Copy the sleuthkit directory to C:\msys64\home\<user>\
  4. Run MSYS2 MinGW either from start menu or from a powershell:
        
@jgru
jgru / ida-keybindings-for-ghidra.kbxml
Created October 15, 2021 06:23
IDA Pro Keybindings for Ghidra
<?xml version="1.0" encoding="UTF-8"?>
<CATEGORY NAME="Key Bindings">
<WRAPPED_OPTION NAME="Source Code Lookup (SourceCodeLookupPlugin)" CLASS="ghidra.framework.options.WrappedKeyStroke">
<CLEARED_VALUE />
</WRAPPED_OPTION>
<WRAPPED_OPTION NAME="Remove Stack Depth Change (FunctionPlugin)" CLASS="ghidra.framework.options.WrappedKeyStroke">
<STATE NAME="KeyCode" TYPE="int" VALUE="127" />
<STATE NAME="Modifiers" TYPE="int" VALUE="0" />
</WRAPPED_OPTION>
<WRAPPED_OPTION NAME="Export Program (ExporterPlugin)" CLASS="ghidra.framework.options.WrappedKeyStroke">
@jgru
jgru / Dockerfile
Created August 14, 2021 11:09
Autopsy 4.19.0 in a Docker
FROM ubuntu:20.04
ARG DEBIAN_FRONTEND=noninteractive
RUN apt-get update
RUN apt-get install -y testdisk wget gnupg
RUN wget -q -O - https://download.bell-sw.com/pki/GPG-KEY-bellsoft | apt-key add -
RUN echo "deb [arch=amd64] https://apt.bell-sw.com/ stable main" > /etc/apt/sources.list.d/bellsoft.list
RUN apt-get update
@jgru
jgru / respawn_wnd.c
Last active July 15, 2021 15:12
A helper program based on Win32-API, which respawns a window on each click to test the automatic injection of mouse clicks in a sandbox guest
/*
* The purpose of this Win32 API-program is to test the reconstruction
* of a GUI via virtual machine introspection and to test the
* injection of mouse clicks.
*
* To do this, the program creates a randomly sized window and displays
* it at a random screen location. If the button containing one of the
* specified button labels is clicked, it will immediately respawn
* another randomized instance. This goes onward forever until the
* "Quit"-button is clicked.
@jgru
jgru / cli_template.py
Last active June 5, 2021 14:24
A minimal template for building a CLI that reads from a positional file parameter if such an argument exists, and from stdin otherwise.
#!/usr/bin/python3
import argparse
import sys
"""
This is a minimal template for building a CLI that reads from a positional file parameter if such an argument
exists, and from stdin otherwise.
Usage:
@jgru
jgru / mouselogger.c
Last active May 23, 2021 13:52
A simple program to continuously retrieve mouse coordinates with the help of Win32-API and send those via TCP to a specified host.
#include <windows.h>
#include <winuser.h>
#include <stdio.h>
#include <stdlib.h>
#include <winsock2.h>
/*
* This program records the current cursor position in a given interval and sends
* the retrieved coordinates in a TCP stream to the specified host and port.
* The program utilizes the Win32-API to query the cursor position.
@jgru
jgru / mousejiggler.ino
Last active May 23, 2021 13:26
Mouse jiggler code for a Digispark USB development board. Tested on an ATtiny85; upload it by using the Arduino IDE
// Inspired by: https://blog.jeronimus.net/2019/08/attiny85-mouse.html
#include <DigiMouse.h>
void setup() {
DigiMouse.begin(); //start or reenumerate USB
}
// Moves mouse pointer left and right by 2 px and blinks the LED