Willi Ballenthin williballenthin
williballenthin
/ gist:331f872cc157d64a8d53
Last active
August 29, 2015 14:16
parse an apache log timestamp, which looks something like `[17/Jan/2015:22:59:59 -0600]`
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # from: http://www.seehuhn.de/blog/52 | |
| class Timezone(datetime.tzinfo): | |
| def __init__(self, name="+0000"): | |
| self.name = name | |
| seconds = int(name[:-2])*3600+int(name[-2:])*60 | |
| self.offset = datetime.timedelta(seconds=seconds) | |
| def utcoffset(self, dt): | |
| return self.offset |
williballenthin
/ gist:ee0335a6826ce55ece2d
Last active
August 29, 2022 22:14
Methods for fetching structure fields in Go (golang)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import "log" | |
| import "time" | |
| import "reflect" | |
| // suggested via http://stackoverflow.com/a/8363629/87207 | |
| func trace(s string) (string, time.Time) { | |
| log.Println("START:", s) | |
| return s, time.Now() |
williballenthin
/ vegas2015.py
Last active
March 21, 2016 12:49
Fetch BlackHat, Defcon, and BsidesLV schedules and create a consolidated list
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| requirements: | |
| - requests | |
| - unicodecsv | |
| - beautifulsoup4 | |
| """ | |
| import re | |
| import functools | |
| from collections import namedtuple | |
| from collections import defaultdict |
williballenthin
/ syn_client_test.py
Last active
September 21, 2015 14:11
Test client and server to demo Vivisect Synapse
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import synapse.link as s_link | |
| import synapse.daemon as s_daemon | |
| import synapse.telepath as s_tele | |
| def log(*args, **kwargs): | |
| print("log %s %s" % (args, kwargs)) | |
| def main(): |
williballenthin
/ install_python_cim_ubuntu.sh
Last active
October 9, 2015 00:36
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # debian dependencies | |
| sudo apt-get install python3 python3-pip qt5-default python3-pyqt5 git | |
| # get virtualenv package for python3 | |
| sudo pip3 install virtualenv | |
| # prepare a clean Python environment | |
| mkdir env; virtualenv -p python3 env |
williballenthin
/ install_python_cim_arch.py
Created
October 12, 2015 19:23
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # arch dependencies | |
| sudo pacman -S python3 python-pyqt5 git | |
| sudo pip3 install virtualenv | |
| # prepare a clean Python environment | |
| mkdir env; virtualenv -p python3 env |
williballenthin
/ unicorn_single_step.go
Last active
December 27, 2019 01:59
Go program that demonstrates unexpected behavior in the Unicorn engine
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "encoding/hex" | |
| "fmt" | |
| uc "github.com/unicorn-engine/unicorn/bindings/go/unicorn" | |
| "strings" | |
| ) | |
| var asm = strings.Join([]string{ |
williballenthin
/ jvm-bytecode-interpreter.py
Created
December 2, 2015 21:06
Interpreter/debugger for JVM bytecode
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import shlex | |
| import logging | |
| from collections import namedtuple | |
| from collections import defaultdict | |
| import colorama | |
| class LINE_TYPES: |
williballenthin
/ commands.sh
Last active
September 5, 2024 15:16
Install IDA Pro under Wine in Docker
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # build wine Docker image | |
| pushd wine; docker build -t wine .; popd | |
| # build x11 Docker image for IDA | |
| pushd ida; docker build -t wine/ida .; popd | |
| # demonstrate x11 forwarding works | |
| docker run -ti --rm -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix wine/ida xclock | |
| # interactive shell in container |
williballenthin
/ qt_shim.py
Created
December 23, 2015 14:00
Qt shim that handles simple PySide vs PyQt5 imports
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def get_QtCore(): | |
| try: | |
| # IDA 6.8 and below | |
| import PySide.QtCore as QtCore | |
| return QtCore | |
| except ImportError: | |
| # IDA 6.9 | |
| import PyQt5.QtCore as QtCore | |
| return QtCore |