Muryllo Pimenta MurylloEx

@MurylloEx
MurylloEx / crowdstrike-bsod-reversed-sub_1400E4124.c
Created July 19, 2024 23:20
CrowdStrike BSOD reversed function sub_1400E4124
__int64 __fastcall sub_1400E4124(int a1, __int64 a2, __int64 a3, unsigned int a4)
{
unsigned int v4; // r10d
int v5; // ebp
int v10; // edx
unsigned int v11; // eax
unsigned int v12; // r10d
int v13; // r14d
unsigned int v14; // edi
unsigned int v15; // esi
@MurylloEx
MurylloEx / allocator.cpp
Created April 21, 2024 19:35
This function allocates space near a memory block that could be used by a trampoline function in hooking libraries.
#include <Windows.h>
#define MAX_MEMORY_RANGE 0x40000000
#define IS_POINTER_BETWEEN(P, MAX, MIN) (((ULONG_PTR)P < (ULONG_PTR)MAX) && ((ULONG_PTR)P > (ULONG_PTR)MIN))
#define PAGE_EXECUTE_FLAGS \
PAGE_EXECUTE | \
PAGE_EXECUTE_READ | \
PAGE_EXECUTE_READWRITE | \
PAGE_EXECUTE_WRITECOPY
@MurylloEx
MurylloEx / peb64-enum-modules.cpp
Created February 7, 2024 20:14
This snippet allows enumerating all modules of a process in Win32 using the Process Environment Block (PEB) of a remote process. Works with x86 and x64.
#include <Windows.h>
#include <TlHelp32.h>
#include <string>
#include <codecvt>
#ifndef NT_SUCCESS
#define NT_SUCCESS(Status) (((NTSTATUS)(Status)) >= 0)
#endif
typedef struct _PROCESS_BASIC_INFORMATION {
@MurylloEx
MurylloEx / win32-load-dll-from-resource.cpp
Last active October 17, 2024 14:01
This source loads a simple DLL that was compiled into an .EXE as a resource.
typedef struct BASE_RELOCATION_BLOCK {
DWORD PageAddress;
DWORD BlockSize;
} BASE_RELOCATION_BLOCK, *PBASE_RELOCATION_BLOCK;
typedef struct BASE_RELOCATION_ENTRY {
USHORT Offset : 12;
USHORT Type : 4;
} BASE_RELOCATION_ENTRY, * PBASE_RELOCATION_ENTRY;
@MurylloEx
MurylloEx / win32-heap-alloc.cpp
Created January 20, 2024 19:38
Load an arbitrary file to memory using a combination of CreateFileW + ReadFile + HeapAlloc + HeapFree
BOOL GetFileBufferInMemory(
LPCWSTR lpFileName,
LPVOID* pDestBuffer
) {
HANDLE FileHandle = CreateFileW(lpFileName, GENERIC_READ, NULL, NULL, OPEN_EXISTING, NULL, NULL);
if (FileHandle == INVALID_HANDLE_VALUE) {
printf_s("CreateFileW failed to retrieve the file handle.");
return FALSE;
}
@MurylloEx
MurylloEx / crud-repository.interface.ts
Last active July 25, 2023 17:30
Sample of the CRUD Repository and Paging Repository patterns, based on the Spring Framework repository abstraction layers (CRUD, PagingAndSorting, Jpa). It was designed to work with Sequelize TypeScript.
import { Model } from 'sequelize-typescript';
import { MakeNullishOptional } from 'sequelize/types/utils';
import { DestroyOptions, FindOptions, UpdateOptions } from 'sequelize';
export type RepoPrimaryKey = string | number | bigint;
export type RepoDelete<TAttributes extends object> = DestroyOptions<TAttributes>;
export type RepoUpdate<TAttributes extends object> = UpdateOptions<TAttributes>;
export type RepoFetch<TAttributes extends object> = FindOptions<TAttributes>;
export type RepoCreate<TAttributes extends object> = MakeNullishOptional<TAttributes>;
@MurylloEx
MurylloEx / electrodb-repository-pattern.ts
Created April 16, 2023 02:50
A sample of the Repository design pattern in DynamoDB, using ElectroDB as the library to access AWS DynamoDB.
import { v4 as uuid } from 'uuid';
import { generate } from 'randomstring';
import { DynamoDBClient } from '@aws-sdk/client-dynamodb';
import { DynamoDBDocumentClient } from '@aws-sdk/lib-dynamodb';
import {
Schema,
Entity,
Item,
AllTableIndexCompositeAttributes,
PutItem
@MurylloEx
MurylloEx / If.tsx
Last active October 17, 2024 14:02
[React] If Conditional Render
import { Fragment, FunctionComponent, ReactElement, useCallback } from 'react';
import { IfElse } from './IfElse';
import { IfThen } from './IfThen';
import { IfElseIf } from './IfElseIf';
type CompoundComponent<T, K> = FunctionComponent<T> & K;
type IfThenType = typeof IfThen;
type IfElseType = typeof IfElse;
type IfElseIfType = typeof IfElseIf;