andretavare5

import pefile
import struct
from capstone import *

def extract_var(op):
    if ']' in op:
        op = ''.join(op.split(' ')[-1])[:-1].replace('[', '')
    return op

def search(instructions, var):

MalwareTech

import socket 
import struct

def dump_c2_list(c2_list):
    for i in range(0xFFFFFF):
    
        ip = Dword(c2_list + (i*8))
        if ip == 0:
            break;
        

fox-srt

#!/usr/bin/env python
"""
Netsarang backdoor DNS payload decrypter

file:     decode_shadowpad_dns.py
author:   Fox-IT Security Research Team <srt@fox-it.com>

 Usage: 
   $ cat dns.txt
   sajajlyoogrmkllmuoqiyaxlymwlvajdkouhkdyiyolamdjivho.cjpybuhwnjgkhllm.nylalobghyhirgh.com

cvan

Instructions

CloudFlare is an awesome reverse cache proxy and CDN that provides DNS, free HTTPS (TLS) support, best-in-class performance settings (gzip, SDCH, HTTP/2, sane Cache-Control and E-Tag headers, etc.), minification, etc.

1. Make sure you have registered a domain name.
2. Sign up for CloudFlare and create an account for your domain.
3. In your domain registrar's admin panel, point the nameservers to CloudFlare's (refer to this awesome list of links for instructions for various registrars).
4. From the CloudFlare settings for that domain, enable HTTPS/SSL and set up a Page Rule to force HTTPS redirects. (If you want to get fancy, you can also enable automatic minification for text-based assets [HTML/CSS/JS/SVG/etc.], which is a pretty cool feature if you don't want already have a build step for minification.)
5. If you

bearfrieze

Comprehensions in Python the Jedi way

by Bjørn Friese

Beautiful is better than ugly. Explicit is better than implicit.

-- The Zen of Python

I frequently deal with collections of things in the programs I write. Collections of droids, jedis, planets, lightsabers, starfighters, etc. When programming in Python, these collections of things are usually represented as lists, sets and dictionaries. Oftentimes, what I want to do with collections is to transform them in various ways. Comprehensions is a powerful syntax for doing just that. I use them extensively, and it's one of the things that keep me coming back to Python. Let me show you a few examples of the incredible usefulness of comprehensions.

mrphilroth

Examining Malware with Python

Me

• Phil Roth
• @mrphilroth
• Endgame

General

Neo23x0

This Gist has been transfered into a Github Repo. You'll find the most recent version here.

YARA Performance Guidelines

When creating your rules for YARA keep in mind the following guidelines in order to get the best performance from them. This guide is based on ideas and recommendations by Victor M. Alvarez and WXS.

• Revision 1.4, October 2020, applies to all YARA versions higher than 3.7

Zearin

NOTE: This is a question I found on StackOverflow which I’ve archived here, because the answer is so effing phenomenal.

---

Q: How can I make a chain of function decorators in Python?

---

If you are not into long explanations, see [Paolo Bergantino’s answer][2].

bsweger

Useful Pandas Snippets

A personal diary of DataFrame munging over the years.

Data Types and Conversion

Convert Series datatype to numeric (will error if column has non-numeric values)
(h/t @makmanalp)

Bouke

Previous versions used homebrew to install the various versions. As suggested in the comments, it's better to use pyenv instead. If you are looking for the previous version of this document, see the revision history.

$ brew update
$ brew install pyenv
$ pyenv install 3.5.0
$ pyenv install 3.4.3
$ pyenv install 3.3.6
$ pyenv install 3.2.6
$ pyenv install 2.7.10

$ pyenv install 2.6.9