#!/bin/zsh
# ugly script but works. Most of the time. You might need to rerun to get all pages.
# need to open the pages before we can do --print-to-pdf or --dump-dom as otherwise it doesn't load them
# doing PDFs as raw htmls look really ugly
/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --incognito https://developer.apple.com/documentation/technotes/
sleep 10
/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --headless=new --incognito --dump-dom https://developer.apple.com/documentation/technotes/ > technotes.html
cat technotes.html | grep -Eo "href=\"/documentation/technotes/tn[a-zA-Z0-9/-]*\"" | cut -d "\"" -f 2 | cut -d "/" -f 4 | sort -u > urls.txt
#!/bin/bash
SCRIPTNAME=$(basename "$0")
function realpath () {
    f=$@
    if [ -d "$f" ]; then
        base=""
        dir="$f"
    else
        base="/$(basename "$f")"
'''
IDA plugin to display the calls and strings referenced by a function as hints.
Installation: put this file in your %IDADIR%/plugins/ directory.
Author: Willi Ballenthin <william.ballenthin@fireeye.com>
Licence: Apache 2.0
'''
import idc
import idaapi
import idautils
function AMSI-Authenticode {
    param (
        [Parameter(Mandatory=$false)]
        [switch]$EnableAuthenticodeSigning,
        [switch]$DisableAuthenticodeSigning
    )
    if ($EnableAuthenticodeSigning) {
        Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\AMSI" -Name "FeatureBits" -Value 0x2 -Type DWord
#include <dlfcn.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
#include <mach/mach.h>
#include <mach/error.h>
#include <errno.h>
#include <stdlib.h>
#include <sys/sysctl.h>
#include <sys/mman.h>
function Get-ProcessPipes{
    param(
        [Parameter(Mandatory=$false)]
        [string]$CSV,
        [Parameter(Mandatory=$false)]
        [switch]$All
    )
    Add-Type -TypeDefinition @"
using System;
import re, subprocess, idaapi, ida_segment, ida_kernwin
# To install this, simply put it in your ida_install/loaders folder and open
# a `/proc/<pid>/mem` file!
#
# You might need to set `echo 0 > /proc/sys/kernel/yama/ptrace_scope` if you
# want to be able to dump processes depending on your system configuration.
# Check if the file is supported by our loader
def accept_file(li, filename):
filter Send-AmsiContent {
<#
.SYNOPSIS
Supplies the AmsiScanBuffer function with a buffer to be scanned by an AMSI provider.
Author: Matt Graeber
Company: Red Canary
.DESCRIPTION
# Copyright: (c) 2021, Jordan Borean (@jborean93) <jborean93@gmail.com>
# MIT License (see LICENSE or https://opensource.org/licenses/MIT)
Function Get-RegKeyInfo {
<#
.SYNOPSIS
Gets details about a registry key.
.DESCRIPTION
Gets very low level details about a registry key.