| Interesting web directories: | |
| ============================ | |
| .git/HEAD | |
| .git/index | |
| .git/config | |
| .admin | |
| .bak | |
| .config | |
| .htaccess |
When creating your rules for YARA keep in mind the following guidelines in order to get the best performance from them. This guide is based on ideas and recommendations by Victor M. Alvarez and WXS.
| MySQL init: | |
| =========== | |
| 1. mysql -u root -p -h localhost | |
| 2. CREATE USER 'johndoe'@'localhost' IDENTIFIED BY 'johnspass'; | |
| 3. CREATE DATABASE test; | |
| 4. GRANT ALL PRIVILEGES ON test.* TO 'johndoe'@'localhost'; | |
| ?. source test.sql |
I hereby claim:
To claim this, I am signing this object:
| import pefile, os | |
| for filename in os.listdir(os.getcwd()): | |
| try: | |
| pe = pefile.PE(filename) | |
| print('Analyzing: ',filename) | |
| for sect in pe.sections: | |
| print(str(sect.Name),' ',str(sect.get_hash_md5())) | |
| print('----------------------------------------------------------------') |
| A collection of Ghidra resources found throughout Twitter, Google and others.. | |
| ############################################################################## | |
| Official site: https://ghidra-sre.org/ | |
| Latest package: https://ghidra-sre.org/ghidra_9.0_PUBLIC_20190228.zip | |
| Installation guide: https://ghidra-sre.org/InstallationGuide.html | |
| Github repository: https://github.com/NationalSecurityAgency/ghidra | |
| RSA Conference pdf: https://www.rsaconference.com/writable/presentations/file_upload/png-t09-come-get-your-free-nsa-reverse-engineering-tool_.pdf | |
| GHIDRA mirror: https://flfy.org/ghidra_9.0_PUBLIC_20190228.zip | |
| GHIDRA cheatsheet: https://flfy.org/ghidra/cheatsheet/CheatSheet.html |
| int __cdecl function_cdecl(int a, int b, int c) | |
| { | |
| return (a + b + c) | |
| } | |
| int __stdcall function_stdcall(int a, int b, int c) | |
| { | |
| return (a + b + c) | |
| } |
| import re | |
| r = re.compile('(?=\w{5})(?P<grp>\w{5})', re.IGNORECASE) | |
| x = "There is more to him than meets the eye" | |
| r.search(x) | |
| r.match(x) | |
| r.search(x).group('grp') |
| # RegEx Cheatsheet: | |
| ################### | |
| MD5 [a-fA-F0-9]{32} | |
| SHA1 [a-fA-F0-9]{40} | |
| SHA256 [a-fA-F0-9]{64} | |
| SHA512 [a-fA-F0-9]{128} | |
| Base64 ^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$ | |
| IPv4 (?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?) | |
| IPv6 (?:[a-fA-F0-9]{1,4}:){7}[a-fA-F0-9]{1,4} |
| # Python XOR solver script for Tyler Hudak's pass-cli.exe challenge | |
| # https://drive.google.com/drive/folders/0B7JYzWHYPlEzbWxNSEpLRDREV2c | |
| encoded_pw = 'MhQfgWskms+' | |
| tmp = '' | |
| pw = '' | |
| print('Python XOR solver script for Tyler Hudak\'s pass-cli.exe challenge:') | |
| print('==================================================================', end='\n') |