utkonos
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Expand-Archive -LiteralPath $args[0] | |
| Remove-Item $args[0] | |
| Remove-Item -Recurse C:\RE\snapshot* | |
| Move-Item "snapshot*" C:\RE | |
| Remove-Item $env:USERPROFILE\Desktop\x32dbg.lnk | |
| Remove-Item $env:USERPROFILE\Desktop\x64dbg.lnk | |
| New-Item -ItemType SymbolicLink -Path $env:USERPROFILE\Desktop -Name "x32dbg.lnk" -Value "C:\RE\snapshot*\release\x32\x32dbg.exe" | |
| New-Item -ItemType SymbolicLink -Path $env:USERPROFILE\Desktop -Name "x64dbg.lnk" -Value "C:\RE\snapshot*\release\x64\x64dbg.exe" | |
| Remove-Item $env:USERPROFILE\Desktop\update_x64dbg.ps1 |
utkonos
/ test_linters.py
Last active
May 17, 2022 14:19
Unit Test Suite for pycodestyle, pydocstyle, and pyflakes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright 2022 Malwarology LLC | |
| # | |
| # Use of this source code is governed by an MIT-style | |
| # license that can be found in the LICENSE file or at | |
| # https://opensource.org/licenses/MIT. | |
| """Unit test module for linting the project modules and the unit test modules.""" | |
| import contextlib | |
| import io | |
| import pathlib | |
| import unittest |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import hashlib | |
| import base64 | |
| import pathlib | |
| import tqdm.auto | |
| import winrm | |
| def send_file(s, source, destination): | |
| """Send file to remote location in base64 encoded chunks via WinRM.""" | |
| chunk_size = 2048 |
utkonos
/ View RT_VERSION.ipynb
Last active
November 30, 2022 15:12
View RT_VERSION Resources in PE EXE
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
utkonos
/ edit_ubuntu_autoinstall.py
Last active
January 10, 2024 03:21
Simple Python Script to Edit an Ubuntu ISO to Add Automated Server Install Capability
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import io | |
| import pathlib | |
| import pycdlib | |
| ubuntu = pathlib.Path('ubuntu-22.04.1-live-server-amd64.iso') | |
| new_iso_path = pathlib.Path('ubuntu-22.04.1-live-server-amd64-auto.iso') | |
| iso = pycdlib.PyCdlib() | |
| iso.open(ubuntu) |
utkonos
/ paste_auto_symbol.py
Created
January 17, 2024 01:02
Paste clipboard to automatic symbol name.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """Paste clipboard to automatic symbol name. | |
| Binary Ninja plugin for pasting the contents of the clipboard to the name of an automatically detected library function | |
| symbol or data symbol. This retains the amber color of library functions in the Symbol pane. | |
| """ | |
| from binaryninja.enums import SymbolType | |
| from binaryninja.plugin import PluginCommand | |
| from binaryninja.types import Symbol | |
| import PySide6 |
utkonos
/ copy_yara_format_bytes.py
Created
January 17, 2024 00:56
Binary Ninja plugin for copying opcode bytes to the clipboard formatted to YARA best practice
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """Binary Ninja plugin for copying opcode bytes to the clipboard formatted to YARA best practice.""" | |
| import json | |
| from binaryninja.enums import InstructionTextTokenType, LinearDisassemblyLineType | |
| from binaryninja.interaction import get_text_line_input | |
| from binaryninja.plugin import PluginCommand | |
| from binaryninja.settings import Settings | |
| import PySide6 | |
| s = Settings() |
utkonos
/ PrintSymbolSimplifiedName.java
Created
January 17, 2024 16:25
Print simplified name of a selected symbol in Ghidra
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* ### | |
| * IP: GHIDRA | |
| * | |
| * Licensed under the Apache License, Version 2.0 (the "License"); | |
| * you may not use this file except in compliance with the License. | |
| * You may obtain a copy of the License at | |
| * | |
| * http://www.apache.org/licenses/LICENSE-2.0 | |
| * | |
| * Unless required by applicable law or agreed to in writing, software |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $filePath = $args[0] | |
| $addr_e_lfanew = 0x3c | |
| $uint32 = 0x4 | |
| $fh = [System.IO.File]::Open($filePath, [System.IO.FileMode]::Open, [System.IO.FileAccess]::ReadWrite) | |
| $fh.Seek($addr_e_lfanew, [System.IO.SeekOrigin]::Begin) | |
| $buffer = New-Object byte[] $uint32 | |
| $_ = $fh.Read($buffer, 0, $uint32) | |
| $e_lfanew = [System.BitConverter]::ToUInt32($buffer, 0) | |
| Write-Output $e_lfanew |