Skip to content

Instantly share code, notes, and snippets.

View hugsy's full-sized avatar
:octocat:
‎just hacking on

crazy hugsy hugsy

:octocat:
‎just hacking on
1.3k followers · 186 following
View GitHub Profile
@hugsy
hugsy / start-gef-gotty.sh
Last active February 28, 2020 01:18
#!/bin/bash
set -e
if [ -d ~/gef-docker ]; then
echo "[+] Updating the image..."
cd ~/gef-docker
git pull
else
echo "[+] Getting the image..."
@hugsy
hugsy / profile.ps1
Last active June 3, 2020 18:15
Import-Module posh-git
Import-Module oh-my-posh
Set-Theme Paradox
Set-PSReadlineOption -EditMode Emacs
Set-PSReadLineKeyHandler -Chord Ctrl+LeftArrow -Function BackwardWord
Set-PSReadLineKeyHandler -Chord Ctrl+RightArrow -Function NextWord
Function Invoke-CmdScript {
@hugsy
hugsy / cpuid.cc
Last active January 10, 2020 01:54
/**
* QnD cpuid C script(tested win & lin)
*/
#include <stdio.h>
#include <stdint.h>
using namespace std;
#include <iostream>
#include <array>
@hugsy
hugsy / Get-Coredump.ps1
Created January 6, 2020 21:55
function Get-Coredump
{
<#
.SYNOPSIS
Uses COM services to generate a coredump of a running process
.DESCRIPTION
Uses COM services to generate a coredump of a running process
@hugsy
hugsy / windbgx_cmdline.txt
Created October 10, 2019 20:45
/loadSession - Load a saved session configuration file.
/setupFirewallRules - Configures the required firewall rules on the local system to allow kernel debugging.
/c - Executes a command line after the debugger is attached.
/logo - Begins logging information to a log file. If the file exists, it will be overwritten.
/loga - Begins logging information to a log file. If the file exists, it will be appended to.
/e - Signals the event with the given handle after the next exception in a target.
/v - Enables verbose output in the debugger.
/Q - Deprecated command-line option.
/QY - Deprecated command-line option.
/QS - Deprecated command-line option.
@hugsy
hugsy / i_can_count.py
Created April 14, 2019 00:55
#!/usr/bin/python3
#
# Emulation script for "i_can_count_8484ceff57cb99e3bdb3017f8c8a2467" from 0x56556104 to 0x56556109
#
# Powered by gef, unicorn-engine, and capstone-engine
#
# @_hugsy_
#
from __future__ import print_function
import collections
@hugsy
hugsy / AllocateLargePool.c
Created March 17, 2019 20:03
#include <windows.h>
#include <stdio.h>
#pragma comment(lib, "ntdll.lib")
#define SystemBigPoolInformation 0x42
#define ThreadNameInformation 0x26
#define DATA_TO_COPY "AAAAAAAAAAAAABBBBBBBBBBBBBBBCCCCCCCCCCCCCCCDDDDDDDDDDDDDDD"
@hugsy
hugsy / SimpleSetThreadName.c
Created March 17, 2019 18:10
#include <windows.h>
#include <wchar.h>
#pragma comment(lib, "ntdll.lib")
#define ThreadNameInformation 0x26
// mimic nt!UNICODE_STRING
// sizeof(UNICODE_STRING) must be 0x10 for the syscall to succeed.
typedef struct
{
WORD Length;
@hugsy
hugsy / loader.cpp
Created March 10, 2018 20:20
/**
* Fuzzing arbitrary functions in ELF binaries, using LIEF and LibFuzzer
*
* Full article on https://blahcat.github.io/
* @_hugsy_
*
*/
#include <dlfcn.h>
#include <stdio.h>
#include <stdlib.h>
@hugsy
hugsy / PatchClean.ps1
Last active April 21, 2025 06:24
PatchExtract.ps1 & PatchClean.ps1 from Greg Linares (all credits to @Laughing_Mantis)
<#
================
PATCHCLEAN.PS1
=================
Version 1.0 Patch Folder Cleaner by Greg Linares (@Laughing_Mantis)
This Tool will go through the patch folders created by PatchExtract.PS1 and look for files created older
than 30 days prior to the current date and move these to a sub folder named "OLD" in the patch folders.