Skip to content

Instantly share code, notes, and snippets.

param (
[string]$DesktopDeploymentCab,
[string]$PsfFile,
[string]$OutPath,
[switch]$Verbose = $false
)
mkdir -Force $OutPath | Out-Null
$OutPath = Resolve-Path $OutPath
$oldpath = $env:PATH
#include <iostream>
#include <set>
#include <string>
#include <vector>
#include <utility>
#include <iterator>
#include <algorithm>
#include <cstdio>
#include <cstdarg>
#include <cstdlib>
@wumb0
wumb0 / CodeCoverage.cpp
Last active November 6, 2022 21:29
slightly modified lighthouse coverage PIN tool, updated build script to work with PIN 3.21
#include <iostream>
#include <set>
#include <string>
#include <vector>
#include <utility>
#include <iterator>
#include <algorithm>
#include <cstdio>
#include <cstdarg>
#include <cstdlib>
@wumb0
wumb0 / drcov-3-to-2.py
Last active October 25, 2023 06:50
convert a drcov version 3 file to drcov version 2 for lighthouse
"""
drcov version 3 isn't supported by lighthouse :(
convert drcov version 3 with module table version 5 to drcov version 2
with module table version 2 so lighthouse will eat it!
"""
import sys
import re
@wumb0
wumb0 / frida-drcov.py
Last active February 8, 2022 18:14
more optimized frida drcov script for lighthouse that monitors windows targets for new threads and modules
#!/usr/bin/env python
from __future__ import print_function
import argparse
import json
import os
import sys
import threading
import functools
@wumb0
wumb0 / asmul8r.py
Created November 29, 2020 18:33
command line assembly emulator that allows you to quickly see the results of instructions
# requires keystone-engine, capstone, prompt_toolkit, and pygments
import keystone as ks
import unicorn as uc
import math
import sys
from pygments.lexers.asm import NasmLexer
from pygments.styles import get_style_by_name
from prompt_toolkit.shortcuts import prompt
@wumb0
wumb0 / PatchExtract.ps1
Last active November 18, 2024 08:29
extract microsoft MSU files
<#
____ _ _
| _ \ __ _| |_ ___| |__
| |_) / _` | __/ __| '_ \
| __/ (_| | || (__| | | |
|_| \__,_|\__\___|_| |_|
_____ _ _
| ____|_ _| |_ _ __ __ _ ___| |_
| _| \ \/ / __| '__/ _` |/ __| __|
@wumb0
wumb0 / delta_patch.py
Last active October 30, 2024 14:53
a script for applying MS patch deltas
import base64
import hashlib
import zlib
from ctypes import (
CDLL,
POINTER,
LittleEndianStructure,
c_size_t,
c_ubyte,
c_uint64,
# This script is a simple script to locate functions within a program
# that are on the Microsoft "banned functions list" inside of banned.h
#@author Jaime Geiger
#@category Vulnerability Research
#@keybinding Ctrl-Shift-Alt-B
#@menupath Tools.Plugins.Banned Functions
banned = ["strcpy","strcpyA","strcpyW","wcscpy","_tcscpy","_mbscpy","StrCpy","StrCpyA","StrCpyW","lstrcpy","lstrcpyA","lstrcpyW","_tccpy","_mbccpy","_ftcscpy","strcat","strcatA","strcatW","wcscat","_tcscat","_mbscat","StrCat","StrCatA","StrCatW","lstrcat","lstrcatA","lstrcatW","StrCatBuff","StrCatBuffA","StrCatBuffW","StrCatChainW","_tccat","_mbccat","_ftcscat","wvsprintf","wvsprintfA","wvsprintfW","vsprintf","_vstprintf","vswprintf","strncpy","wcsncpy","_tcsncpy","_mbsncpy","_mbsnbcpy","StrCpyN","StrCpyNA","StrCpyNW","StrNCpy","strcpynA","StrNCpyA","StrNCpyW","lstrcpyn","lstrcpynA","lstrcpynW","strncat","wcsncat","_tcsncat","_mbsncat","_mbsnbcat","StrCatN","StrCatNA","StrCatNW","StrNCat","StrNCatA","StrNCatW","lstrncat","lstrcatnA","lstrcatnW"
@wumb0
wumb0 / indexer.py
Last active February 27, 2018 05:51
helps index stuff for exams... if they don't give you an index, or the one they provide is bad. tweak as you see fit.
from sqlalchemy import create_engine, Column, Integer, String, func
from sqlalchemy.orm import sessionmaker
from sqlalchemy.ext.declarative import declarative_base
from reportlab.lib.pagesizes import letter
from reportlab.lib.units import cm
from reportlab.pdfgen import canvas
from reportlab.pdfbase.pdfmetrics import stringWidth
import sys
try: