retset ret5et
ret5et
/ xref_to_func.py
Created
September 8, 2015 14:36
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from idautils import * | |
| from idc import * | |
| from idaapi import * | |
| ea = ScreenEA() | |
| def xref_to_func(ea): | |
| for xref in XrefsTo(ea, 0): | |
| ref_type = "" | |
| if xref.type == dr_W: |
ret5et
/ gist:a581c2165f30f4b3d585
Last active
March 28, 2016 16:24
— forked from wirepair/gist:5720064
IDAPython script to get Data Ref's for a variable and print out function, address ref'd and whether read/write,
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from idautils import * | |
| from idc import * | |
| from idaapi import * | |
| ea = ScreenEA() | |
| for xref in XrefsTo(ea, 0): | |
| ref_type = "" | |
| if xref.type == dr_W: | |
| ref_type = "W" | |
| elif xref.type == dr_R: |
ret5et
/ HighlightMnemsAndLocs.py
Last active
March 28, 2016 16:25
— forked from trietptm/HighlightMnemsAndLocs.py
https://www.accuvant.com/content/images/blog/2013/08/HighlightMnemsAndLocs.py_.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| ******************************************************************************** | |
| Name: HighlightMnemsAndLocs.py | |
| Author: case b <[email protected]> | |
| Version: 1 | |
| [Description] | |
| This script can be run from IDA's 'Script File' menu item or included in | |
| idapythonrc.py. When run it will add or remove a menu item under |
ret5et
/ color_block.py
Last active
October 24, 2015 22:34
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def get_bb_id(graph, ea): | |
| for block in graph: | |
| if block.startEA <= ea and block.endEA > ea: | |
| return block.id | |
| start_ea = 0x15f9ad6 | |
| base_block_ea = 0x15f9a60 | |
| f = get_func(start_ea) | |
| g = FlowChart(f, flags=FC_PREDS) #??? |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #BUGS: not work with unicode strings | |
| from idaapi import * | |
| from idautils import * | |
| import idc | |
| KEY="Shift-D" | |
| def func_dump_str(): | |
| fu = get_func(here()) | |
| f_end = fu.endEA |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http://www.slideshare.net/PeterHlavaty/windows-kernel-exploitation-this-time-font-hunt-you-down-in-4-bytes + | |
| http://n0where.net/hacker-community-is-dead/ | |
| http://pen-testing.sans.org/blog/2012/06/06/escaping-restricted-linux-shells | |
| http://dslab.epfl.ch/pubs/cpi.pdf | |
| #-- | |
| https://tsyrklevich.net/2015/07/22/hacking-team-0day-market/ | |
| http://www.html5rocks.com/en/tutorials/service-worker/introduction/ | |
| https://www.youtube.com/watch?v=Di74wGAHysA | |
| https://drive.google.com/open?id=13p6O0C3aY-LSeqGAjfEge2XQT6ArfYnJyvu_fhAZlJI | |
| http://www.welivesecurity.com/2015/08/11/firefox-under-fire-anatomy-of-latest-0-day-attack/ |