@buzzer-re
buzzer-re / dnsrecon.py
Last active December 21, 2020 20:46
Extract maximum information possible from a DNS server and also try zone migration
from dns.resolver import Resolver
from dns.query import xfr
import json
import argparse
if __name__ == '__main__':
    args = argparse.ArgumentParser("DNS resolver toolkit")
# Convert matrix to raw bytes
# $ cat simple
# 1,1
# 1,0
# $ xxd simple.bin
# 00000000: 0101 0100
adj_matrix=$1
@buzzer-re
buzzer-re / virustotal_json.sh
Last active July 20, 2020 03:05
curl the public virus total endpoint to retrieve the report in json format
# Use the "public api" that https://www.virustotal.com/old-browsers/ uses for request the sample information
echo "[+] Virus Total file checker [+]"
if [ $# -ne 1 ]
then
    echo "Usage: $0 <SHA1>"
    exit
@buzzer-re
buzzer-re / frida_tracer.py
Created August 22, 2020 22:42
Quick and dirty frida tracer, just pass your injected script path and the process name
import frida
import subprocess
import sys
import argparse
if __name__ == '__main__':
    args = argparse.ArgumentParser(description="A simple scriptable frida tracer")
    args.add_argument("process", help="Process name to spawn!")
    args.add_argument("--inject-script", help="script path to inject", required=True)
    args = args.parse_args()
@buzzer-re
buzzer-re / aes.go
Last active December 21, 2020 20:41
Simple AES CBC encryptor and decryptor in Golang
package main
import (
"os"
"flag"
"fmt"
"syscall"
"io/ioutil"
"crypto/rand"
"crypto/cipher"
@buzzer-re
buzzer-re / organize.sh
Created March 16, 2021 02:30
Organize your directory by the filetype
#!/bin/bash
# This will organize a whole directory with each folder containing the filetype name
path=$1
if [ -z $path ]
then
    echo "Usage $0 <path>"
@buzzer-re
buzzer-re / .zshrc
Created October 1, 2021 01:41
Intel binaries alias compilation in Apple Silicon
alias ccintel='clang -target x86_64-apple-macos10.12'
@buzzer-re
buzzer-re / virustotal.py
Last active October 14, 2021 13:27
Simple VirusTotal API client class for Python projects
import os
import json
import requests
class VirusTotal:
    VT_API = 'https://www.virustotal.com/api/v3'
    def __init__(self, key = None, query = None, limit_query=5):
        self.valid = True
        self.last_err = ''
@buzzer-re
buzzer-re / OSX-XNU syscall list
Created November 3, 2021 14:30
xnu syscall list
0 AUE_NULL ALL { int nosys(void); } { indirect syscall }
1 AUE_EXIT ALL { void exit(int rval) NO_SYSCALL_STUB; }
2 AUE_FORK ALL { int fork(void) NO_SYSCALL_STUB; }
3 AUE_NULL ALL { user_ssize_t read(int fd, user_addr_t cbuf, user_size_t nbyte); }
4 AUE_NULL ALL { user_ssize_t write(int fd, user_addr_t cbuf, user_size_t nbyte); }
5 AUE_OPEN_RWTC ALL { int open(user_addr_t path, int flags, int mode) NO_SYSCALL_STUB; }
6 AUE_CLOSE ALL { int sys_close(int fd); }
7 AUE_WAIT4 ALL { int wait4(int pid, user_addr_t status, int options, user_addr_t rusage) NO_SYSCALL_STUB; }
8 AUE_NULL ALL { int enosys(void); } { old creat }
9 AUE_LINK ALL { int link(user_addr_t path, user_addr_t link); }
@buzzer-re
buzzer-re / Unicorn-Engine-Documentation-English.md
Created September 16, 2022 02:09
Unicorn Engine Documentation English (from translate)

Unicorn-Engine API Documentation

Version 2.0.0

Official API document by kabeor

PDF File

Unicorn Engine is a lightweight, multi-platform, multi-architecture CPU emulator framework. The current version is based on [Qemu](https://www.qemu.org/) 5.0.1. It executes code under CPU emulation in place of a real CPU and is commonly used in program virtualization, malicious code analysis, fuzzing, etc. This project is used in the [Qiling Virtual Framework](https://github.com/qilingframework/qiling), the Radare2 reverse analysis framework, GEF (pwn analysis plugin for gdb), [Pwndbg](https://github.com/pwndbg/pwndbg), the Angr symbolic execution framework and many other well-known projects.