Minoru Kobayashi mnrkbys

  • Internet Initiative Japan Inc.
  • Tokyo, Japan
  • X @unkn0wnbit
@theevilbit
theevilbit / get_apple_technotes.sh
Created March 26, 2024 09:13
Download Apple Technotes
#!/bin/zsh
#ugly script but works. Most of the time. You might need to rerun to get all pages.
#need to open the pages before we can do --print-to-pdf or --dump-dom as otherwise it doesn't load them
#doing PDFs as raw htmls look really ugly
/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --incognito https://developer.apple.com/documentation/technotes/
sleep 10
/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --headless=new --incognito --dump-dom https://developer.apple.com/documentation/technotes/ > technotes.html
cat technotes.html | grep -Eo "href=\"/documentation/technotes/tn[a-zA-Z0-9/-]*\"" | cut -d "\"" -f 2 | cut -d "/" -f 4 | sort -u > urls.txt
@doraTeX
doraTeX / maskFaces.sh
Last active March 27, 2024 12:43
A macOS script that masks faces of individuals in photos using emojis ( https://doratex.hatenablog.jp/entry/20240324/1711246435 )
#!/bin/bash
SCRIPTNAME=$(basename "$0")
function realpath () {
f=$@
if [ -d "$f" ]; then
base=""
dir="$f"
else
base="/$(basename "$f")"
@Dump-GUY
Dump-GUY / hint_calls.py
Created March 18, 2024 07:30
Modified version of Willi Ballenthin IDA Plugin hint_calls.py ported to support Python2/3 and IDA>=7.4 (tested IDA 7.7, 8.4)
'''
IDA plugin to display the calls and strings referenced by a function as hints.
Installation: put this file in your %IDADIR%/plugins/ directory.
Author: Willi Ballenthin <william.ballenthin@fireeye.com>
Licence: Apache 2.0
'''
import idc
import idaapi
import idautils
@cparmn
cparmn / AMSI-Authenticode.ps1
Created March 20, 2023 17:13
AMSI Provider Information
function AMSI-Authenticode {
param (
[Parameter(Mandatory=$false)]
[switch]$EnableAuthenticodeSigning,
[switch]$DisableAuthenticodeSigning
)
if ($EnableAuthenticodeSigning) {
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\AMSI" -Name "FeatureBits" -Value 0x2 -Type DWord
@vocaeq
vocaeq / inject.c
Last active April 2, 2024 09:09 — forked from knightsc/inject.c
An example of how to inject code to call dlopen and load a dylib into a remote mach task. Tested on 12.5 M1 Pro.
#include <dlfcn.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
#include <mach/mach.h>
#include <mach/error.h>
#include <errno.h>
#include <stdlib.h>
#include <sys/sysctl.h>
#include <sys/mman.h>
@Wra7h
Wra7h / Get-ProcessPipes.ps1
Last active March 4, 2024 09:11
Use PowerShell to get the PIDs associated with Named Pipes
function Get-ProcessPipes{
param(
[Parameter(Mandatory=$false)]
[string]$CSV,
[Parameter(Mandatory=$false)]
[switch]$All
)
Add-Type -TypeDefinition @"
using System;
@mgraeber-rc
mgraeber-rc / AMSITools.psm1
Created November 10, 2021 18:41
Get-AMSIEvent and Send-AmsiContent are helper functions used to validate AMSI ETW events. Note: because this script contains the word AMSI, it will flag most AV engines. Add an exception on a test system accordingly in order to get this to work.
filter Send-AmsiContent {
<#
.SYNOPSIS
Supplies the AmsiScanBuffer function with a buffer to be scanned by an AMSI provider.
Author: Matt Graeber
Company: Red Canary
.DESCRIPTION
@jborean93
jborean93 / Get-RegKeyInfo.ps1
Created April 29, 2021 03:34
Gets detailed information about a registry key
# Copyright: (c) 2021, Jordan Borean (@jborean93) <jborean93@gmail.com>
# MIT License (see LICENSE or https://opensource.org/licenses/MIT)
Function Get-RegKeyInfo {
<#
.SYNOPSIS
Gets details about a registry key.
.DESCRIPTION
Gets very low level details about a registry key.
@brunerd
brunerd / maclTrack.command
Last active June 16, 2022 18:59
Examine all the com.apple.macl entries on files and folders
#!/bin/bash
: <<-EOL
MIT License
Copyright (c) 2020 Joel Bruner
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell