Executable and Linkable Format (ELF), is the default binary format on Linux-based systems.
Schrodinger schrodyn
schrodyn
/ elf_format_cheatsheet.md
Created
February 8, 2024 11:25
— forked from DtxdF/elf_format_cheatsheet.md
ELF Format Cheatsheet
schrodyn
/ optimal_mtu.md
Created
January 17, 2024 12:52
— forked from nitred/optimal_mtu.md
Wireguard Optimal MTU
- I faced bandwidth issues between a WG Peer and a WG server. Download bandwidth when downloading from WG Server to WG peer was reduced significantly and upload bandwidth was practically non existent.
- I found a few reddit posts that said that we need to choose the right MTU. So I wrote a script to find an optimal MTU.
- Ideally I would have liked to have run all possible MTU configurations for both WG Server and WG Peer but for simplicity I choose to fix the WG Server to the original 1420 MTU and tried all MTUs from 1280 to 1500 for the WG Peer.
- On WG server, I started an
iperf3server - On WG peer, I wrote a script that does the following:
wg-quick down wg0
- Edit MTU in the
/etc/wireguard/wg0.conffile
schrodyn
/ rich_header_yara.py
Created
January 16, 2024 13:49
— forked from latonis/rich_header_yara.py
Rich Header YARA Rule Generator
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import argparse | |
| import binascii | |
| import hashlib | |
| import os | |
| import re | |
| import sys | |
| import traceback | |
| __author__ = "Jeff White [karttoon] @noottrak" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| !pe | |
| .exr -1 `last exception | |
| !sos.pe `last clr exception | |
| !dso `dump stack object | |
| .chain | |
| .load sos |
schrodyn
/ schrodinger.zsh-theme
Created
September 14, 2023 13:57
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| NEWLINE=$'\n' | |
| PROMPT="[%(?:%{$fg_bold[green]%}quack :%{$fg_bold[red]%}quack )%{$reset_color%}(%T) " | |
| PROMPT+='%{$fg[cyan]%}%c%{$reset_color%}$(git_prompt_info)' | |
| PROMPT+="]${NEWLINE}" | |
| PROMPT+="➜ " | |
| ZSH_THEME_GIT_PROMPT_PREFIX=" %{$fg_bold[blue]%}git:(%{$fg[red]%}" | |
| ZSH_THEME_GIT_PROMPT_SUFFIX="%{$reset_color%}" | |
| ZSH_THEME_GIT_PROMPT_DIRTY="%{$fg[blue]%}) %{$fg[yellow]%}✗" | |
| ZSH_THEME_GIT_PROMPT_CLEAN="%{$fg[blue]%})" |
schrodyn
/ Setting $PATH for zsh on macOS.md
Created
August 5, 2023 21:46
— forked from Linerre/Setting $PATH for zsh on macOS.md
Properly setting $PATH for zsh on macOS (fighting with path_helper)
schrodyn
/ pxor_string_decrypt_wip.py
Created
July 24, 2023 16:38
— forked from oopsmishap/pxor_string_decrypt_wip.py
WIP: pxor string via janky emulation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import time | |
| from typing import List | |
| import pefile | |
| from capstone import * | |
| from capstone.x86 import * | |
| import re | |
| import struct | |
| # SAMPLE_PATH = 'bin/enc_string_test.bin32' | |
| SAMPLE_PATH = 'bin/2cd2f077ca597ad0ef234a357ea71558d5e039da9df9958d0b8bd0efa92e74c9.bin32' |
schrodyn
/ 0 - get the right version
Created
July 17, 2023 18:18
— forked from dlangille/0 - get the right version
librenms reported problems
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| I run this on my server called 'empty'. | |
| Assuming you've done a git clone or a git pull of the code... | |
| Switch to the release you want to build: | |
| [dan@empty:~/librenms] $ export RELEASE=1.56 | |
| [dan@empty:~/librenms] $ git checkout master | |
| [dan@empty:~/librenms] $ git pull | |
| [dan@empty:~/librenms] $ git checkout tags/$RELEASE |
schrodyn
/ pebase.h
Created
July 1, 2023 22:00
— forked from herrcore/pebase.h
PE_BASE struct to help with IDA markup of PE access
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| union PE_BASE { | |
| PVOID baseAddress; | |
| IMAGE_DOS_HEADER *mz; | |
| IMAGE_NT_HEADERS *pe; | |
| }; | |
| union PE_BASE64 { | |
| PVOID baseAddress; | |
| IMAGE_DOS_HEADER *mz; | |
| IMAGE_NT_HEADERS64 *pe; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # only used for ports in poudriere.conf:ALLOW_MAKE_JOBS_PACKAGES | |
| # ALLOW_MAKE_JOBS_PACKAGES="pkg llvm* openjdk*" | |
| MAKE_JOBS_NUMBER=4 | |
| DEFAULT_VERSIONS+=ssl=libressl | |
| DEFAULT_VERSIONS+=python=2.7 python2=2.7 python3=3.6 | |
| DEFAULT_VERSIONS+=mysql=10.2m | |
| DEFAULT_VERSIONS+=samba=4.6 |