Required tools for playing around with memory:
hexdumpobjdumpreadelfxxdgcore
CMCDragonkai
/ memory_layout.md
Last active
March 29, 2026 17:47
Linux: Understanding the Memory Layout of Linux Executables
wdormann
/ checkaslrfiles.py
Last active
October 2, 2025 00:51
Python script to check for PE files linked with /DYNAMICBASE, but are not actually ASLR compatible due to missing relocation table
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| '''checkaslrfiles.py: Check for files that opt into ASLR with /DYNAMICBASE, | |
| but do not have a relocation table to allow ASLR to function. | |
| usage: checkaslrfiles.py <dir> | |
| ex: checkaslr.py "C:\Program Files\" | |
| requires: pefile <https://github.com/erocarrera/pefile>, which should be | |
| installable via: pip install pefile | |
| ''' |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Retrieves all of the trust relationships for this domain - Does not Grab Forest Trusts | |
| ([System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()).GetAllTrustRelationships() | |
| Grab Forest Trusts. | |
| ([System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()).GetAllTrustRelationships() | |
muff-in
/ resources.md
Last active
March 5, 2026 00:46
A curated list of Assembly Language / Reversing / Malware Analysis / Game Hacking-resources
dclark
/ aws-cloud-shell-get-aws-credentials.sh
Created
August 25, 2023 11:37
AWS CloudShell get credentials
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # Retrieve AWS credentials from AWS CloudShell | |
| # shellcheck disable=SC2001 | |
| HOST=$(echo "$AWS_CONTAINER_CREDENTIALS_FULL_URI" | sed 's|/latest.*||') | |
| TOKEN=$(curl -s -X PUT "$HOST"/latest/api/token -H "X-aws-ec2-metadata-token-ttl-seconds: 60") | |
| OUTPUT=$(curl -s "$HOST/latest/meta-data/container/security-credentials" -H "X-aws-ec2-metadata-token: $TOKEN") | |
| echo "export AWS_ACCESS_KEY_ID=$(echo "$OUTPUT" | jq -r '.AccessKeyId')" | |
| echo "export AWS_SECRET_ACCESS_KEY=$(echo "$OUTPUT" | jq -r '.SecretAccessKey')" |
0xdevalias
/ reverse-engineering-golang.md
Last active
March 27, 2026 07:59
Some notes, tools, and techniques for reverse engineering Golang binaries
Some notes, tools, and techniques for reverse engineering Golang binaries.