I hereby claim:
- I am learn-more on github.
- I am learn_more (https://keybase.io/learn_more) on keybase.
- I have a public key ASCbRTPJzY3UgD4_e0862d4vS13CANf49qaDZbvGxaRU0go
To claim this, I am signing this object:
Mark Jansen learn-more
learn-more
/ keybase.md
Created
November 10, 2022 17:39
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import pefile | |
| import glob | |
| import os | |
| def main(base_dir): | |
| print('Printing the first occurence of an import from', base_dir) | |
| known_imports = [] | |
| for filename in glob.iglob(os.path.join(base_dir, '**', '*.exe'), recursive=True): |
learn-more
/ shellex_tool.cpp
Last active
June 16, 2018 12:02
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <windows.h> | |
| #include <objbase.h> | |
| #include <shlobj.h> | |
| #include <shlwapi.h> | |
| #include <shellapi.h> | |
| #include <atlbase.h> | |
| #include <atlcom.h> | |
| #include <atlwin.h> | |
| #include <atlsimpcoll.h> |
learn-more
/ analyze_binaries.py
Created
June 10, 2017 19:43
Analyze ReactOS binaries from a build dir
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import os | |
| import re | |
| import pefile | |
| CMAKE_PREFIX = '# Install script for directory: ' | |
| MANIFEST_DIR = pefile.DIRECTORY_ENTRY['IMAGE_DIRECTORY_ENTRY_RESOURCE'] | |
| IMPORT_DIR = pefile.DIRECTORY_ENTRY['IMAGE_DIRECTORY_ENTRY_IMPORT'] | |
| MANIFEST_ID = pefile.RESOURCE_TYPE['RT_MANIFEST'] | |
| INCLUDE_FILES = ('.exe', '.dll', '.acm', '.ax', '.cpl', '.drv', '.ocx') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| PROJECT: ReactOS RosSym IDA Extension - python 3.x | |
| LICENSE: MIT (https://spdx.org/licenses/MIT) | |
| PURPOSE: Decode RosSym symbols | |
| COPYRIGHT: Copyright 2017-2019 Mark Jansen (mark.jansen@reactos.org) | |
| ''' | |
| import idaapi | |
| import idautils | |
| import struct | |
| import ctypes |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <atlbase.h> | |
| #include <atlcom.h> | |
| #include <atlcomcli.h> | |
| #include <comdef.h> | |
| #include <Propvarutil.h> | |
| #include <shobjidl.h> | |
| #include <atlsafe.h> | |
| #include <strsafe.h> | |
| #pragma comment(lib, "Propsys.lib") |