spnow
/ disable_wsh.reg
Created
August 17, 2016 17:31
— forked from trietptm/disable_wsh.reg
Disable Windows Script Host (for prevention of recent ransomware phishing attacks)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Windows Registry Editor Version 5.00 | |
| [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script Host\Settings] | |
| "Enabled"="0" |
spnow
/ crackme.c
Created
August 17, 2016 10:50
— forked from trietptm/crackme.c
A demonstration of Markus Gaasedelen's method for reversing a binary - see URL in find_password.py
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdlib.h> | |
| #include <stdio.h> | |
| void main(int argc, char *argv[]) | |
| { | |
| if( argv[1][0] == 'f' ) { | |
| if( argv[1][1] == 'o' ) { | |
| if( argv[1][2] == 'o' ) { | |
| if( argv[1][3] == '\x00' ) { | |
| printf( "good password\n" ); |
spnow
/ analyze.py
Created
August 17, 2016 10:28
— forked from endeav0r/analyze.py
This is a quick, static taint-analysis script targetting PHP as seen on: http://rainbowsandpwnies.com/~endeavor/blog/finding-sqli-through-taint-analysis.html . It may be a bit hackish.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from phply.phpparse import parser | |
| import phply.phplex as phplex | |
| from phply.phpast import * | |
| import sys | |
| import copy | |
| import os.path | |
| import pickle | |
| import subprocess | |
| import traceback |
spnow
/ quick_ioctl_decoder.py
Created
August 17, 2016 10:23
— forked from herrcore/quick_ioctl_decoder.py
IDA Python plugin - Decode IOCTL Codes
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ############################################################################################ | |
| ## | |
| ## Quick IOCTL Decoder! | |
| ## | |
| ## All credit for actual IOCTL decode logic: | |
| ## http://www.osronline.com/article.cfm?article=229 | |
| ## | |
| ## | |
| ## To install: | |
| ## Copy script into plugins directory, i.e: C:\Program Files\IDA 6.8\plugins |
spnow
/ strings.py
Created
August 17, 2016 10:23
— forked from trietptm/strings.py
Extract ASCII and Unicode strings using Python.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| ########################################################################################################## | |
| ## | |
| ## Like steroids for your strings! | |
| ## | |
| ## Original idea: @williballenthin | |
| ## Original link: https://gist.github.com/williballenthin/8e3913358a7996eab9b96bd57fc59df2 | |
| ## | |
| ## Lipstick and rouge by: @herrcore |
NewerOlder