Jim_Di jimdi

ГИС и картография

группы

Assembly Language / Reversing / Malware Analysis / Game Hacking -resources

⭐Assembly Language

Modern x64 Assembly

https://www.youtube.com/playlist?list=PLKK11Ligqitg9MOX3-0tFT1Rmh3uJp7kA

Регулярное выражение для нахождения русского мата в тексте. Использовать следует только для первичной модерации, ибо обходится нажатием в одну клавишу. Если вам требуется полноценный фильтра мата, советую прибегнуть к программному пути создания такового, найти третье API, или просто остановиться на ручной модерации.

Выражение писалось в первую очередь с оглядкой на регулярки Java - для других языков может потребоваться адаптация.

Основа регулярного выражения

\b(
((у|[нз]а|(хитро|не)?вз?[ыьъ]|с[ьъ]|(и|ра)[зс]ъ?|(о[тб]|п[оа]д)[ьъ]?|(.\B)+?[оаеи-])-?)?(
  [её](б(?!о[рй]|рач)|п[уа](ц|тс))|
  и[пб][ае][тцд][ьъ]

Base64 Patterns - Learning Aid

Base64 Code	Mnemonic Aid	Decoded*	Description
`JAB`	🗣 Jabber	`$.`	Variable declaration (UTF-16), e.g. `JABlAG4AdgA` for `$env:`
`TVq`	📺 Television	`MZ`	MZ header
`SUVY`	🚙 SUV	`IEX`	PowerShell Invoke Expression
`SQBFAF`	🐣 Squab favorite	`I.E.`	PowerShell Invoke Expression (UTF-16)
`SQBuAH`	🐣 Squab uahhh	`I.n.`	PowerShell Invoke string (UTF-16) e.g. `Invoke-Mimikatz`
`PAA`	💪 "Pah!"	`<.`	Often used by Emotet (UTF-16)

Reversing Raw Binary Firmware Files in Ghidra

This brief tutorial will show you how to go about analyzing a raw binary firmware image in Ghidra.

Prep work in Binwalk

I was recently interested in reversing some older Cisco IOS images. Those images come in the form of a single binary blob, without any sort of ELF, Mach-o, or PE header to describe the binary.

While I am using Cisco IOS Images in this example, the same process should apply to other Raw Binary Firmware Images.

This is a technique for extracting all imported modules from a packaged Python application as .pyc files, then decompiling them. The target program needs to be run from scratch, but no debugging symbols are necessary (assuming an unmodified build of Python is being used).

This was originally performed on 64-bit Linux with a Python 3.6 target. The Python scripts have since been updated to handle pyc files for Python 2.7 - 3.9.

Theory

In Python we can leverage the fact that any module import involving a .py* file will eventually arrive as ready-to-execute Python code object at this function:

PyObject* PyEval_EvalCode(PyObject *co, PyObject *globals, PyObject *locals);

We did it! We broke gist.github.com ;) So head over to the new home! Thank you all!
2021.10.20: https://github.com/AveYo/MediaCreationTool.bat now open for interaction

Not just an Universal MediaCreationTool wrapper script with ingenious support for business editions,

A powerful yet simple windows 10 / 11 deployment automation tool as well!

discuss on MDL

Dockerfiles

Standart dockerfile

FROM registry.nextgis.com/sshd:0.1.0
#там ubuntu с gdal

ARG DEBIAN_FRONTEND=noninteractive
ARG APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=DontWarn

	#!/usr/bin/env bash

	SLEEP_DURATION=${SLEEP_DURATION:=1} # default to 1 second, use to speed up tests

	progress-bar() {
	local duration
	local columns
	local space_available
	local fit_to_screen
	local space_reserved

	#!/usr/bin/env python
	# -- coding: utf-8 --
	"""
	File name: download_apk.py
	Author: Dawand Sulaiman

	Download APK files from Google Play Store with Python
	This script scraps https://apkpure.com to get the apk download link
	Make sure you have BeautifulSoup and urllib libraries
	"""