
Willi Ballenthin williballenthin

@williballenthin
williballenthin / gist:331f872cc157d64a8d53
Last active August 29, 2015 14:16
parse an apache log timestamp, which looks something like `[17/Jan/2015:22:59:59 -0600]`
# from: http://www.seehuhn.de/blog/52
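class Timezone(datetime.tzinfo):
    """Fixed-offset tzinfo built from an Apache-style zone string such as "-0600".

    Only ``utcoffset`` is defined in this excerpt; ``tzname`` and ``dst`` are
    not visible here.
    """

    def __init__(self, name="+0000"):
        """Parse *name* (optional sign, hours, two-digit minutes) into an offset.

        Raises:
            ValueError: if the hour or minute part is not an integer.
        """
        self.name = name
        # The sign has to apply to hours and minutes alike. Taking it only from
        # int(name[:-2]) maps "-0630" to -5h30m and "-0030" to +0h30m, which
        # shifts every event from such a zone when logs from several hosts are
        # merged into one timeline.
        sign = -1 if name.startswith("-") else 1
        digits = name[1:] if name[:1] in ("+", "-") else name
        seconds = sign * (int(digits[:-2]) * 3600 + int(digits[-2:]) * 60)
        self.offset = datetime.timedelta(seconds=seconds)

    def utcoffset(self, dt):
        """Return the fixed offset; *dt* is ignored."""
        return self.offset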
@williballenthin
williballenthin / gist:ee0335a6826ce55ece2d
Last active August 29, 2022 22:14
Methods for fetching structure fields in Go (golang)
package main
import "log"
import "time"
import "reflect"
// suggested via http://stackoverflow.com/a/8363629/87207
func trace(s string) (string, time.Time) {
log.Println("START:", s)
return s, time.Now()
@williballenthin
williballenthin / vegas2015.py
Last active March 21, 2016 12:49
Fetch BlackHat, Defcon, and BsidesLV schedules and create a consolidated list
"""
requirements:
- requests
- unicodecsv
- beautifulsoup4
"""
import re
import functools
from collections import namedtuple
from collections import defaultdict
@williballenthin
williballenthin / syn_client_test.py
Last active September 21, 2015 14:11
Test client and server to demo Vivisect Synapse
import synapse.link as s_link
import synapse.daemon as s_daemon
import synapse.telepath as s_tele
def log(*args, **kwargs):
    """Print the positional and keyword arguments on one line, prefixed with "log"."""
    line = "log %s %s" % (args, kwargs)
    print(line)
def main():
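#!/bin/bash
# Set up the Debian packages and a Python 3 virtualenv in ./env.

# debian dependencies
sudo apt-get install python3 python3-pip qt5-default python3-pyqt5 git

# get virtualenv package for python3
# NOTE(review): `sudo pip3 install` runs the package's install code as root and
# writes into the system Python outside the package manager's control. A
# distribution-packaged virtualenv or the stdlib `python3 -m venv` avoids that;
# left unchanged here because the rest of the script is not visible.
sudo pip3 install virtualenv

# prepare a clean Python environment
# -p makes a re-run succeed when ./env already exists, and && stops virtualenv
# from running when the directory could not be created.
mkdir -p env && virtualenv -p python3 env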
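#!/bin/bash
# Set up the Arch packages and a Python 3 virtualenv in ./env.

# arch dependencies
sudo pacman -S python3 python-pyqt5 git

# NOTE(review): `sudo pip3 install` runs the package's install code as root and
# writes into the system Python outside pacman's control. A distribution
# package or the stdlib `python3 -m venv` avoids that; left unchanged here
# because the rest of the script is not visible.
sudo pip3 install virtualenv

# prepare a clean Python environment
# -p makes a re-run succeed when ./env already exists, and && stops virtualenv
# from running when the directory could not be created.
mkdir -p env && virtualenv -p python3 env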
@williballenthin
williballenthin / unicorn_single_step.go
Last active December 27, 2019 01:59
Go program that demonstrates unexpected behavior in the Unicorn engine
package main
import (
"encoding/hex"
"fmt"
uc "github.com/unicorn-engine/unicorn/bindings/go/unicorn"
"strings"
)
var asm = strings.Join([]string{
@williballenthin
williballenthin / jvm-bytecode-interpreter.py
Created December 2, 2015 21:06
Interpreter/debugger for JVM bytecode
import sys
import shlex
import logging
from collections import namedtuple
from collections import defaultdict
import colorama
class LINE_TYPES:
@williballenthin
williballenthin / commands.sh
Last active September 5, 2024 15:16
Install IDA Pro under Wine in Docker
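# build wine Docker image
# Each build runs in a subshell: if the directory is missing, the build is
# skipped instead of running against whatever the current directory is, and
# the caller's working directory is never changed.
(cd wine && docker build -t wine .)

# build x11 Docker image for IDA
(cd ida && docker build -t wine/ida .)

# demonstrate x11 forwarding works
# NOTE(review): bind-mounting /tmp/.X11-unix hands the container a connection
# to the host X server. X11 does not isolate clients from one another, so
# treat software run in this container as able to interact with the whole
# desktop session, and only run images you trust this way.
# DISPLAY is quoted so an empty or unusual value cannot split into extra
# docker arguments.
docker run -ti --rm -e DISPLAY="$DISPLAY" -v /tmp/.X11-unix:/tmp/.X11-unix wine/ida xclock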
# interactive shell in container
@williballenthin
williballenthin / qt_shim.py
Created December 23, 2015 14:00
Qt shim that handles simple PySide vs PyQt5 imports
def get_QtCore():
    """Return the QtCore module from whichever Qt binding can be imported.

    PySide is tried first (IDA 6.8 and below); on ImportError the function
    falls back to PyQt5 (IDA 6.9). An ImportError from the PyQt5 import is
    not caught and propagates to the caller.
    """
    try:
        # IDA 6.8 and below
        import PySide.QtCore as qt_core
    except ImportError:
        # IDA 6.9
        import PyQt5.QtCore as qt_core
    return qt_core