Microsoft (R) Windows Debugger Version 10.0.17016.1000 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\test\Documents\MEMORY.DMP]
Kernel Bitmap Dump File: Kernel address space is available, User address space may not be available.
Symbol search path is: srv*
Executable search path is:
<?xml version="1.0" encoding="UTF-8"?>
<MitigationPolicy>
  <SystemConfig>
    <DEP Enable="true" EmulateAtlThunks="false" />
    <ASLR ForceRelocateImages="false" RequireInfo="false" BottomUp="true" HighEntropy="false" />
    <StrictHandle Enable="false" />
    <SystemCalls DisableWin32kSystemCalls="false" Audit="false" />
    <ExtensionPoints DisableExtensionPoints="false" />
    <DynamicCode BlockDynamicCode="false" AllowThreadsToOptOut="false" Audit="false" />
    <ControlFlowGuard Enable="false" SuppressExports="false" StrictControlFlowGuard="false" />
<AppLockerPolicy Version="1">
  <RuleCollection Type="Appx" EnforcementMode="Enabled">
    <FilePublisherRule Id="a1baec9b-3250-44fe-865d-41c9397dcfcd" Name="Microsoft.Windows.ContentDeliveryManager, from Microsoft Corporation" Description="Block foistware?" UserOrGroupSid="S-1-1-0" Action="Deny">
      <Conditions>
        <FilePublisherCondition PublisherName="CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US" ProductName="Microsoft.Windows.ContentDeliveryManager" BinaryName="*">
          <BinaryVersionRange LowSection="*" HighSection="*" />
        </FilePublisherCondition>
      </Conditions>
    </FilePublisherRule>
  </RuleCollection>
AMPAK Technology, Inc.
ASUSTek COMPUTER INC.
AzureWave Technology Inc.
BizLink (Kunshan) Co.,Ltd
Chicony Electronics Co., Ltd.
Digital Data Communications Asia Co.,Ltd
GOOD WAY IND. CO., LTD.
HUAWEI TECHNOLOGIES CO.,LTD
Hon Hai Precision Ind. Co.,Ltd.
Intel Corporate
--- packet-tpkt.c.orig 2019-06-21 14:47:47.831026881 +0000 | |
+++ packet-tpkt.c 2019-06-21 15:05:31.115056289 +0000 | |
@@ -22,6 +22,7 @@ | |
#include <epan/show_exception.h> | |
#include "packet-tpkt.h" | |
+#include "packet-tls.h" | |
void proto_register_tpkt(void); | |
void proto_reg_handoff_tpkt(void); | |
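Review bot: the added `#include "packet-tls.h"` at the end of the include block makes the TPKT dissector depend on the TLS dissector's header, but nothing in the visible lines says which declaration it is needed for. A short comment next to the include, or a sentence in the patch description, naming the TLS function or handle being used would make the new dependency reviewable. The file headers also show a diff against `packet-tpkt.c.orig` identified by timestamps only, so state the Wireshark release or commit the patch was made against.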
@@ -42,6 +43,7 @@ | |
static gboolean tpkt_desegment = TRUE; |
#!/usr/bin/env python
'''
Utility to check for processes running with non-ASLR-compatible components.
Run with Administrative privileges to get visibility into all processes.
(1a) psutil: https://pypi.org/project/psutil/
Installed via PIP
-OR-
(1b) Sysinternals ListDLLs: https://docs.microsoft.com/en-us/sysinternals/downloads/listdlls
This file has been truncated, but you can view the full file.
com.whatsapp 1000000000
com.lenovo.anyshare.gps 1000000000
com.instagram.android 1000000000
com.zhiliaoapp.musically 500000000
com.viber.voip 500000000
wp.wattpad 100000000
vStudio.Android.Camera360 100000000
vsin.t16_funny_photo 100000000
com.yahoo.mobile.client.android.mail 100000000
com.xvideostudio.videoeditor 100000000
# Don't use this version!
# Try https://gist.github.com/wdormann/8afe4edf605627ee4f203861b6cc3a1c instead
#
# Utility for listing SYSTEM-privileged scheduled tasks on Windows
# Tasks that come with Windows 10 are not included.
# Admin privileges are required to list all scheduled tasks.
import csv
import subprocess
import tempfile
# DON'T USE THIS VERSION!
# Try https://gist.github.com/wdormann/89ed779933fe205fb52ecf3eacf5ff40 instead
import os
import subprocess
# See: https://blogs.msmvps.com/erikr/2007/09/26/set-permissions-on-a-specific-service-windows/
svcinfo = {}
FNULL = open(os.devnull, 'w')
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MicrosoftEdge\ActiveX Compatibility\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
"Compatibility Flags"=dword:00000400