Title: Simple Sabotage Field Manual Author: Strategic Services Office of Strategic Services
In another topic someone was wondering about the new advantage/disadvantage mechanic, and under which situations it comes into effect. Because basic rules don't include a dedicated list (understandable, as it's usually a side effect of a very wide variety of actions or situations) I wrote a summary with the information from the different instances where advantage or disadvantage are mentioned in the basic rules, just in case anyone else is curious. I separated it by context:
RACES
''' | |
Based on the initial work of Digininja at https://github.com/digininja/CeWL. While CeWL is a script written | |
in Ruby that requires an independent crawl of a website in order to build a custom wordlist, Whey CeWLer | |
runs within Portswigger's Burp Suite and parses an already crawled sitemap to build a custom wordlist. It | |
does not have the meta data parsing capabilities that CeWL does, but it more than makes up for it in | |
convenience. | |
The name gets its origins from the CeWLer portion of the CO2 Burp extension by Jason Gillam, which is written | |
in Java and does something similar, but Whey CeWLer is a completely reimagined extension written in Python, | |
making it "way cooler". |
Thank you to SpecterOps for supporting this research and to Duane and Matt for proofreading and editing! Crossposted on the SpecterOps Blog.
TLDR: You may use this header file for reliable compile time string encryption without needing any additional dependencies.
Programmers of DRM software, security products, or other sensitive code bases are commonly required to minimize the amount of human readable strings in binary output files. The goal of the minimization is to hinder others from reverse engineering their proprietary technology.
Common approaches that are taken to meet this requirement often add an additional maintenance burden to the developer and are prone to error. These approaches will be presented along with t
import frida | |
import sys | |
def on_message(message, data): | |
if message['type'] == 'send': | |
print(message['payload']) | |
elif message['type'] == 'error': | |
print(message['stack']) | |
else: | |
print(message) |
# MINIMAL USB gadget setup using CONFIGFS for simulating Razer Gaming HID | |
# devices for triggering the vulnerable Windows Driver installer | |
# credits for the Windows Driver install vuln: @j0nh4t | |
# | |
# https://twitter.com/j0nh4t/status/1429049506021138437 | |
# https://twitter.com/an0n_r0/status/1429263450748895236 | |
# | |
# the script was developed & tested on Android LineageOS 18.1 |
This brief tutorial will show you how to go about analyzing a raw binary firmware image in Ghidra.
I was recently interested in reversing some older Cisco IOS images. Those images come in the form of a single binary blob, without any sort of ELF, Mach-o, or PE header to describe the binary.
While I am using Cisco IOS Images in this example, the same process should apply to other Raw Binary Firmware Images.
//Compile: PS C:\> C:\Windows\Microsoft.NET\Framework64\v3.5\csc.exe .\mboxexecute.cs | |
//Usage: PS C:\> .\mboxexecute.exe <path to shellcode> | |
//References: | |
// https://docs.microsoft.com/en-us/windows/win32/api/winuser/nf-winuser-messageboxindirecta | |
// https://docs.microsoft.com/en-us/windows/win32/api/winuser/ns-winuser-msgboxparamsa | |
using System; | |
using System.IO; |
using System; | |
using System.Net; | |
using System.Diagnostics; | |
using System.Reflection; | |
using System.Configuration.Install; | |
using System.Runtime.InteropServices; | |
/* | |
Author: Casey Smith, Twitter: @subTee | |
License: BSD 3-Clause |