Minh-Triet Pham Tran trietptm

Information Security Consulting, Threat Hunting
trietptm / unicode.md
Created October 12, 2020 11:00 — forked from clarkb7/unicode.md
A guide to character encoding aware development
trietptm / Your language sucks.md
Created October 7, 2020 08:00 — forked from P4/Your language sucks.md
Your programming language sucks

You appear to be advocating a new...

  • Functional
  • Imperative
  • Object-oriented
  • Procedural
  • Stack-based
  • "Multi-paradigm"
  • Lazy
  • Eager
trietptm / stop_cpuid_detect.py
Created October 7, 2020 04:49 — forked from deeso/stop_cpuid_detect.py
Use x64dbg to look for cpuid instructions and unset the HVM bit
from x64dbgpy import pluginsdk
# Put this script in the Python path, and
# execute the following Python snippets in
# the Python dialog in x64dbg:
#
# from stop_cpuid_detect import *
# trace_cpuid(n=1000)
# the above code will trace through the program
trietptm / bookmarklist.md
Created October 1, 2020 07:16 — forked from tofuseng/bookmarklist.md
wtf-stuff

#summary Bookmarks List = Hacker Media =

== Blogs Worth It: == What the title says. There are a LOT of pentesting blogs; these are the ones I monitor constantly and value in the actual day-to-day testing work.

* http://carnal0wnage.blogspot.com/
* http://www.mcgrewsecurity.com/
* http://www.gnucitizen.org/blog/
trietptm / bbhit.c
Created September 18, 2020 07:48 — forked from axt/bbhit.c
Naive hit tracer implementation using DynamoRIO.
/*
* Naive hit tracer implementation using DynamoRIO.
*
* Author: axt
*
* Build it with the following commands:
* gcc -Dbbhit_EXPORTS -DSHOW_RESULTS -DSHOW_SYMBOLS -fPIC -I../include -I../ext/include -DX86_64 -DLINUX -O2 -fno-stack-protector -o bbhit.c.o -c bbhit.c
* gcc -fPIC -O2 -DX86_64 -DLINUX -fno-stack-protector -fPIC -shared -lgcc -Wl,--hash-style=both -shared -Wl,-soname,libbbhit.so -o libbbhit.so bbhit.c.o ../lib64/debug/libdynamorio.so.4.2 ../ext/lib64/debug/libdrsyms.so
*/
#include <stddef.h>
trietptm / rc4.py
Created September 18, 2020 07:46 — forked from OALabs/rc4.py
RC4 Crypto Python Module (probably stolen from stack overflow but it's been so long I can't remember)
#! /usr/bin/env python
##########################################################################################
##
## RC4 Crypto
##
##########################################################################################
def rc4crypt(key, data):

Choco Install

Install Choco

@"%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -InputFormat None -ExecutionPolicy Bypass -Command "iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))" && SET "PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin"

Install Ghidra 9.0.2

choco install ghidra
trietptm / Tools.txt
Created September 10, 2020 17:48 — forked from v14dislav/Tools.txt
tools for RE
1. Binary editors
hiew
bz
010
winhex
binwalk (IDA)
bindiff (IDA)
2. Disassembling
IDA (+hexrays plugin) (https://t.me/idapro)
trietptm / process_hollowing.c
Created September 10, 2020 17:47 — forked from v14dislav/process_hollowing.c
Replacement of process memory. Injection technique.
//https://github.com/theevilbit/injection/blob/master/ProcessHollowing/ProcessHollowing/ProcessHollowing.cpp
#include <stdio.h>
#include <Windows.h>
#include <winternl.h>
#pragma comment(lib,"ntdll.lib")
EXTERN_C NTSTATUS NTAPI NtTerminateProcess(HANDLE, NTSTATUS);
EXTERN_C NTSTATUS NTAPI NtReadVirtualMemory(HANDLE, PVOID, PVOID, ULONG, PULONG);
trietptm / dllinject.c
Created September 10, 2020 17:47 — forked from v14dislav/dllinject.c
DLL path injection. Depends on LoadLibrary().
#include <windows.h>
#include <tlhelp32.h>
DWORD getProcessID() {
    DWORD processID = 0;
    HANDLE snapHandle;
    PROCESSENTRY32 processEntry = {0};
    if( (snapHandle = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0)) == INVALID_HANDLE_VALUE ) {
        return 0;