Install iTerm 2
Download, unzip and drag to your Applications directory.
https://www.iterm2.com/downloads.html
JAEKI KIM Jack2
Neo23x0
/ annotations.xml
Last active
November 12, 2024 01:34
Sources for APT Groups and Operations Search Engine
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <Annotations start="0" num="171" total="171"> | |
| <Annotation about="www.bussink.net/*" timestamp="0x0005d7bc4022b026" href="ChF3d3cuYnVzc2luay5uZXQvKhCm4IqBxPf1Ag"> | |
| <Label name="_cse_turlh5vi4xc"/> | |
| <AdditionalData attribute="original_url" value="https://www.bussink.net/"/> | |
| </Annotation> | |
| <Annotation about="*.thedfirreport.com/*" timestamp="0x0005d76dd5f8679d" href="ChUqLnRoZWRmaXJyZXBvcnQuY29tLyoQnc_hr93t9QI"> | |
| <Label name="_cse_turlh5vi4xc"/> | |
| <AdditionalData attribute="original_url" value="https://thedfirreport.com/"/> | |
| </Annotation> |
securifybv
/ NotCreateRemoteThread.c
Last active
September 20, 2021 20:22
Run shell code in another process without CreateRemoteThread
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #pragma comment(lib, "Shell32.lib") | |
| #include <windows.h> | |
| #include <shlobj.h> | |
| // msfvenom -p windows/exec -a x86 --platform windows -f c cmd=calc.exe | |
| int buf_len = 193; | |
| unsigned char buf[] = | |
| "\xfc\xe8\x82\x00\x00\x00\x60\x89\xe5\x31\xc0\x64\x8b\x50\x30" | |
| "\x8b\x52\x0c\x8b\x52\x14\x8b\x72\x28\x0f\xb7\x4a\x26\x31\xff" | |
| "\xac\x3c\x61\x7c\x02\x2c\x20\xc1\xcf\x0d\x01\xc7\xe2\xf2\x52" |
skochinsky
/ rich.py
Created
April 13, 2017 13:03
MSVC PE Rich header parser with compiler version display
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # based on code from http://trendystephen.blogspot.be/2008/01/rich-header.html | |
| import sys | |
| import struct | |
| # I'm trying not to bury the magic number... | |
| CHECKSUM_MASK = 0x536e6144 # DanS (actuall SnaD) | |
| RICH_TEXT = 'Rich' | |
| RICH_TEXT_LENGTH = len(RICH_TEXT) | |
| PE_START = 0x3c | |
| PE_FIELD_LENGTH = 4 |
williballenthin
/ auto_shellcode_hashes.py
Last active
November 5, 2023 22:12
automatically resolve shellcode hashes into symbolic names using emulation, example: https://asciinema.org/a/EaHLv3yy7nGnh7mfHQ5DVy1LJ
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| import sys | |
| import logging | |
| import pefile | |
| import ucutils | |
| import unicorn | |
| import capstone | |
| import argparse |
normanlolx
/ iterm2-oh-my-fish.md
Last active
May 5, 2024 13:53
iTerm2 Solarized Dark theme + Fish shell + oh-my-fish /// macOS High Sierra
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # source:http://geocities.com/SiliconValley/heights/7052/opcode.txt | |
| From: [email protected] (Mark Hopkins) | |
| Newsgroups: alt.lang.asm | |
| Subject: A Summary of the 80486 Opcodes and Instructions | |
| (1) The 80x86 is an Octal Machine | |
| This is a follow-up and revision of an article posted in alt.lang.asm on | |
| 7-5-92 concerning the 80x86 instruction encoding. | |
| The only proper way to understand 80x86 coding is to realize that ALL 80x86 |
williballenthin
/ floss-lite.py
Last active
August 16, 2021 13:37
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| ''' | |
| A simplified FLOSS implementation that only supports stackstrings. | |
| requirements: | |
| - yara-python | |
| - unicorn | |
| author: Willi Ballenthin | |
| email: [email protected] |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdlib.h> | |
| #include <stdio.h> | |
| #include <string.h> | |
| #include <pthread.h> | |
| #include <sys/mman.h> | |
| #include <IOKit/IOKitLib.h> | |
| #include <CoreFoundation/CFPropertyList.h> | |
| const char* kMyDriversIOKitClassName = "io_oooverflow_IPwnKit"; |
http://dream.ahboom.net/entry/한글-유니코드-자소-분리-방법 에 대한 파이썬 구현입니다.
>>> korean_to_code('파이썬')
'vkdlTjs'