This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Clean PE files that have a lot of junk after its end to avoid AV scanners and slow down analysis tools | |
| import pefile | |
| import sys | |
| import os | |
| TRESHOLD = 100 | |
| if __name__ == '__main__': | |
| if len(sys.argv) < 2: |
buzzer-re
/ scan_exports.py
Created
August 9, 2023 02:44
Hunt for some exported function name on a given directory
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # A Python script using LIEF to search a specific exported function name in a directories | |
| # This is useful when you don't know the DLL name but (somehow) knows the exported function name | |
| import sys | |
| import lief | |
| import os | |
| import logging | |
| lief.logging.set_level(lief.logging.LOGGING_LEVEL.CRITICAL) | |
| DLL_CHAR = 0x2000 |
buzzer-re
/ accept_ida_eula.py
Created
April 19, 2026 20:05
Accept IDA's EULA for headless installations
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # Exactly what is already public https://github.com/HexRaysSA/ida-hcli/blob/main/src/hcli/lib/ida/__init__.py#L316 | |
| from __future__ import annotations | |
| import os | |
| import sys | |
| from pathlib import Path |
buzzer-re
/ gopclntab_recovery.py
Last active
May 25, 2026 14:12
Go pclntab function recovery for IDA for Golang 1.2, 1.16, 1.18 and 1.20. Wrote with Codex (GPT)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Minimal Go pclntab function recovery for IDA. | |
| # | |
| # Run from IDA with File > Script file..., or copy to IDA/plugins and invoke | |
| # Edit > Plugins > Go pclntab recover. | |
| import re | |
| import struct | |
| import ida_auto | |
| import ida_bytes |
OlderNewer