Skip to content

Instantly share code, notes, and snippets.

View klezVirus's full-sized avatar

klezVirus

1k followers · 29 following
View GitHub Profile
@klezVirus
klezVirus / rekall-inspect-with-yara.sh
Created March 8, 2024 22:49 — forked from jas-/rekall-inspect-with-yara.sh
#!/bin/bash
# Create a timestamp
ts="$(date +%Y%m%d)"
# Determine running directory
cwd="$(pwd $(dirname $0))"
# Define build_file
build_file=
@klezVirus
klezVirus / flutter-disabler.sh
Created February 21, 2024 09:55
Quick and Simple Script to De-Flutter an iOS/Android Mobile Application
#!/bin/sh
# Default values
input_apk=""
signer_path=""
# Function to display help message
print_help() {
echo "Usage: $0 -i <input_apk> [-s <signer_path>]"
echo ""
@klezVirus
klezVirus / aes_inv_mix_columns_test.py
Created November 5, 2023 12:12
Little AES InvMixColumns Test
def gf_mul_by_09(num):
ret = gf_mul_by_02(gf_mul_by_02(gf_mul_by_02(num))) ^ num
return ret
def gf_mul_by_0b(num):
ret = gf_mul_by_02(gf_mul_by_02(gf_mul_by_02(num))) ^ gf_mul_by_02(num) ^ num
return ret
@klezVirus
klezVirus / gist:909b6eac40e87e1b7a3d63431f74b630
Created September 19, 2023 07:20 — forked from pcmoritz/gist:4b0e1be7f2dfcc4e51e2ace50426f67d
Powerpoint create slides for animations while retaining slide numbers
Option Explicit
Sub AddElements()
Dim shp As Shape
Dim i As Integer, n As Integer
n = ActivePresentation.Slides.Count
For i = 1 To n
Dim s As Slide
Set s = ActivePresentation.Slides(i)
@klezVirus
klezVirus / ios_xcarchive-to-ipa.txt
Created August 29, 2023 12:52 — forked from Bruno-Furtado/ios_xcarchive-to-ipa.txt
Convert Xcarchive to IPA
xcodebuild
-exportArchive
-exportOptionsPlist {PATH_TO_PROJECT_ROOT}/ios/build/info.plist
-archivePath {PATH_TO_ARCHIVE_MADE_USING_XCODE}/App.xcarchive
-exportPath {PATH_TO_EXPORT_THE_APP}/App.ipa
@klezVirus
klezVirus / frier.py
Last active March 27, 2023 09:56
Attempt to hook a NT functionwhile also try to recover partial information about the caller (module, address)
import frida
import sys
import subprocess
import ctypes
import threading
import multiprocessing
import argparse
def inject_dummy():
@klezVirus
klezVirus / rl_glue.py
Created November 14, 2022 08:10 — forked from niektuytel/rl_glue.py
RLGlue for python 3
class RLGlue:
"""RLGlue class
args:
env_name (string): the name of the module where the Environment class can be found
agent_name (string): the name of the module where the Agent class can be found
"""
def __init__(self, env_class, agent_class):
self.environment = env_class()
self.agent = agent_class()
@klezVirus
klezVirus / crewl.py
Created October 22, 2022 22:02 — forked from FrankSpierings/crewl.py
CeWL alternative in Python, based on Scrapy Framework.
# -*- coding: utf-8 -*-
import scrapy
import argparse
import re
from scrapy import signals
from scrapy.spiders import CrawlSpider, Rule
from scrapy.linkextractors import LinkExtractor
from scrapy.crawler import CrawlerProcess
@klezVirus
klezVirus / GenericWriteRBCD.ps1
Last active February 16, 2023 15:43
Exploit the GenericWrite DACL on a computer object (from a user or computer account)
function Invoke-GenericWriteRBCD
{
<# Based on Gist by dirkjan - Packed to be used from a C2 #>
[CmdletBinding()]
param
(
[Parameter(Mandatory=$True, HelpMessage="The name for the newly created computer")]
[string]$Computer,
@klezVirus
klezVirus / rbcd_demo.ps1
Created September 26, 2021 18:47 — forked from HarmJ0y/rbcd_demo.ps1
Resource-based constrained delegation computer DACL takeover demo
# import the necessary toolsets
Import-Module .\powermad.ps1
Import-Module .\powerview.ps1
# we are TESTLAB\attacker, who has GenericWrite rights over the primary$ computer account
whoami
# the target computer object we're taking over
$TargetComputer = "primary.testlab.local"