| From | To | Expression |
|---|
superponible
jaredcatkinson
/ Get-InjectedThread.ps1
Last active
July 1, 2024 08:32
Code from "Taking Hunting to the Next Level: Hunting in Memory" presentation at SANS Threat Hunting Summit 2017 by Jared Atkinson and Joe Desimone
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Get-InjectedThread | |
| { | |
| <# | |
| .SYNOPSIS | |
| Looks for threads that were created as a result of code injection. | |
| .DESCRIPTION | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ############################################################ | |
| # Dockerfile to create a CyberChef Container | |
| # Based on Ubuntu 16.04, Node.js 7.x | |
| # | |
| # Clean build: docker build --no-cache=true --tag=cyberchef:<version> . | |
| # Incremental build: docker build --tag=cyberchef:<version> . | |
| # Run container: docker run -d -p 127.0.0.1:8080:80 --name cyberchef -t cyberchef:<version> | |
| # example: docker run -d -p 127.0.0.1:8080:80 --name cyberchef -t cyberchef:1.0 | |
| ############################################################ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # Install globally using https://coderwall.com/p/jp7d5q/create-a-global-git-commit-hook | |
| # The checks are simple and can give false positives. Amend the hook in the specific repository. | |
| if git rev-parse --verify HEAD >/dev/null 2>&1 | |
| then | |
| against=HEAD | |
| else | |
| # Initial commit: diff against an empty tree object |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ;SMBDIS.ASM - A COMPREHENSIVE SUPER MARIO BROS. DISASSEMBLY | |
| ;by doppelganger (doppelheathen@gmail.com) | |
| ;This file is provided for your own use as-is. It will require the character rom data | |
| ;and an iNES file header to get it to work. | |
| ;There are so many people I have to thank for this, that taking all the credit for | |
| ;myself would be an unforgivable act of arrogance. Without their help this would | |
| ;probably not be possible. So I thank all the peeps in the nesdev scene whose insight into | |
| ;the 6502 and the NES helped me learn how it works (you guys know who you are, there's no |