@icewall
icewall / getGUIDfunction.py
Last active August 31, 2022 14:21
IDA Pro python getGUID
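import struct
import idc

def getGUID(ea):
    # Data1: first 4 bytes of the GUID, little-endian DWORD
    data1 = idc.GetManyBytes(ea, 4)
    data1 = struct.unpack("<I", data1)[0]
    #print "%08x" % (data1)
    ea += 4
    # Data2: next 2 bytes, little-endian WORD
    data2 = idc.GetManyBytes(ea, 2)
    data2 = struct.unpack("<H", data2)[0]
    #print "%04x" % (data2)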
@mattypiper
mattypiper / armemu.py
Created June 2, 2016 03:37
ARM Assembly, Emulation, Disassembly using Keystone, Unicorn, and Capstone
#!/usr/bin/python
import sys
from keystone import *
from unicorn import *
from unicorn.arm_const import *
from capstone import *
from capstone.arm import *
from capstone.x86 import *

It is possible to use LLDB with VMware's debug server. While the virtual machine is powered off, add the following to its .vmx file:

debugStub.listen.guest64 = "TRUE"

In LLDB, you will need the x86_64 target definitions file.

(lldb) settings set plugin.process.gdb-remote.target-definition-file x86_64_target_definition.py

// Château-Saint-Martin
//
// FileName : VMProtect Ultra Unpacker 1.0
// Features :
// This script can unpack your VMProtected targets
// completely and independently in the best case.
// If your target is protected with an older VMP
// version then it can be ne
@yrp604
yrp604 / xnu-syscall-life-amd64.md
Last active October 2, 2023 15:59
The life of an XNU unix syscall on amd64

XNU syscall path

Chart

             +------------------+
             |These push their  |                                  +-----------------------+
             |respective syscall|                                  |This overwrites the    |
             |dispatch functions|                                  |saved dispatch function|
             |onto the stack    |                                  |with hndl_alltraps     |
@x56
x56 / find_CFLStrings.py
Created March 19, 2016 04:58
IDAPython script to name and create structs for all CFLString objects
import idaapi
import idc
#import idautils
import sys
#NOTE: may have to run this a few times to get to the end of the IDB, haven't bothered fixing this
def add_struct_to_idb(name):
    idc.Til2Idb(-1, name)
@x56
x56 / grab_firmwares.py
Created March 19, 2016 04:53
Script for downloading all available AirPort device firmwares
#!/usr/bin/env python
import errno
import os
import plistlib
import sys
import urllib
def makedirs_if_absent(path):
    try:
@trietptm
trietptm / securitytoollist.txt
Created January 29, 2016 04:53
securitytoollist.txt by SH1NU11BI: http://pastebin.com/pGU0P8JW
0trace 1.5 A hop enumeration tool http://jon.oberheide.org/0trace/
3proxy 0.7.1.1 Tiny free proxy server. http://3proxy.ru/
3proxy-win32 0.7.1.1 Tiny free proxy server. http://3proxy.ru/
42zip 42 Recursive Zip archive bomb. http://blog.fefe.de/?ts=b6cea88d
acccheck 0.2.1 A password dictionary attack tool that targets windows authentication via the SMB protocol. http://labs.portcullis.co.uk/tools/acccheck/
ace 1.10 Automated Corporate Enumerator. A simple yet powerful VoIP Corporate Directory enumeration tool that mimics the behavior of an IP Phone in order to download the name and extension entries that a given phone can display on its screen interface http://ucsniff.sourceforge.net/ace.html
admid-pack 0.1 ADM DNS spoofing tools - Uses a variety of active and passive methods to spoof DNS packets. Very powerful. http://packetstormsecurity.com/files/10080/ADMid-pkg.tgz.html
adminpagefinder 0.1 This python script looks for a large amount of possible administrative interfaces on a given site. http://packetstormse
@achillean
achillean / dump-images.py
Created January 17, 2016 21:56
Shodan script to parse out screenshot data from banners and store it in a separate directory.
#!/usr/bin/env python
# dump-images.py
#
# Extract all the image data from the banners and store them as separate images
# in a provided output directory.
#
# Example:
# shodan download --limit -1 screenshots.json.gz has_screenshot:true
# ./dump-images.py screenshots.json.gz images/
@romainthomas
romainthomas / hint_register.py
Last active November 3, 2017 05:47
[IDA] Hint on register
#
# Show a hint when the user's mouse is on a register
#
from idaapi import *
import idautils
def extract_reg(line, cx):
    linelen = len(line)
    if cx >= linelen:
        return