Skip to content

Instantly share code, notes, and snippets.

View valinet's full-sized avatar

Valentin Radu valinet

1.2k followers · 0 following
View GitHub Profile
@valinet
valinet / WhSignalDrv.c
Created June 22, 2024 17:02
Exmple of DLL and driver that signal Windhawk to scan for new processes
// Example of a driver that helps Windhawk
// inject processes created by inaccessible processes early on
// ==========================================================================
// Valentin-Gabriel Radu, valentin.radu@valinet.ro
//
// Upstream issue:
// https://github.com/ramensoftware/windhawk/issues/197
//
#include <ntifs.h>
#define INVALID_HANDLE_VALUE ((HANDLE)(LONG_PTR)-1)
@valinet
valinet / toast2.c
Last active September 22, 2024 08:38
Send a toast notification in Windows 10/11 using plain C including COM activator
#include <initguid.h>
#include <Windows.h>
#include <roapi.h>
#include <Windows.ui.notifications.h>
#include <notificationactivationcallback.h>
#include <tchar.h>
#include <stdio.h>
#pragma comment(lib, "runtimeobject.lib")
DWORD dwMainThreadId = 0;
@valinet
valinet / DumpStringTable.cpp
Last active December 18, 2024 08:54
DumpStringTable
#include <Windows.h>
#include <iostream>
#include <io.h>
#include <fcntl.h>
BOOL EnumresLang(HMODULE hModule, LPCWSTR lpType, LPCWSTR lpName, WORD wLanguage, LONG_PTR lParam)
{
if (lpType == RT_STRING)
{
const HRSRC res = FindResourceEx(hModule, lpType, lpName, wLanguage);
@valinet
valinet / toggle_clock_flyout.c
Last active October 12, 2023 01:31
An example showing an interesting technique necessary to toggle the clock flyout in the Windows 10 taskbar on the monitor containing the mouse
/*
* Example showing an interesting technique necessary to toggle the clock flyout
* in the Windows 10 taskbar on the monitor containing the mouse
*
* Copyright (C) 2006-2021 VALINET Solutions SRL. All rights reserved.
* License: GPLv2
*/
#include <Windows.h>
#include <TlHelp32.h>
@valinet
valinet / WinCenterTitle.xml
Created January 13, 2021 23:35
<?xml version="1.0" encoding="UTF-16"?>
<Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
<RegistrationInfo>
<Date>2020-12-31T19:52:44.3288116</Date>
<Author>DESKTOP-JIAP5UR\Administrator</Author>
<Description>Center the text in windows' title bars.</Description>
<URI>\WinCenterTitle</URI>
</RegistrationInfo>
<Triggers>
<LogonTrigger>
@valinet
valinet / unattend.xml
Created January 13, 2021 23:33
Custom Windows 10 unattend.xml for Sysprep.
<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
<settings pass="windowsPE">
<component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<UserData>
<AcceptEula>true</AcceptEula>
</UserData>
</component>
</settings>
<settings pass="oobeSystem">
@valinet
valinet / StartupOnce.bat
Created January 13, 2021 23:32
Windows 10 deployment script that runs once for each newly created user account.
echo Y|del %appdata%\microsoft\windows\recent\automaticdestinations\*
rem Start Firefox
"C:\Program Files\Mozilla Firefox\firefox.exe"
rem Uninstall Photos
powershell -command "Get-AppxPackage Microsoft.Windows.Photos | Remove-AppxPackage"
rem Set region to Romania, regional format to Romania, add Romanian keyboard
powershell -command Set-Culture -CultureInfo ro-RO
powershell -command Set-WinHomeLocation -GeoId 0xc8
powershell -command "$langs = Get-WinUserLanguageList; $langs.Add(\"ro-RO\"); Set-WinUserLanguageList $langs -Force"
powershell -command "Set-TimeZone -Id \"GTB Standard Time\" -PassThru"
@valinet
valinet / deploy.ps1
Created January 13, 2021 23:30
Windows 10 audit mode deployment script
##########
# Win10 Initial Setup Script
# Author: Disassembler <disassembler@dasm.cz>
# Version: 1.4, 2016-01-16
##########
# Ask for elevated permissions if required
If (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]"Administrator")) {
Start-Process powershell.exe "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`"" -Verb RunAs
Exit
@valinet
valinet / toast1.c
Created December 21, 2020 19:22
Send a toast notification in Windows 10 using plain C
// Send toast notifications in Windows 10, using Windows Runtime,
// without any language projection, in PLAIN C
// Copyright (c) 2021 Valentin - Gabriel Radu
//
// MIT License
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this softwareand associated documentation files(the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and /or sell
// copies of the Software, and to permit persons to whom the Software is
@valinet
valinet / tbforeground.py
Last active December 20, 2020 22:09
Set Thunderbird as the foreground application in Windows, no matter what
# Set Thunderbird as the foreground application in Windows, no matter what
# Copyright (c) 2020 Valentin-Gabriel Radu
#
# MIT License
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions: