Standard escape codes are prefixed with Escape:
- Ctrl-Key: ^[
- Octal: \033
- Unicode: \u001b
- Hexadecimal: \x1B
- Decimal: 27
| ''' | |
| IDA plugin to display the calls and strings referenced by a function as hints. | |
| Installation: put this file in your %IDADIR%/plugins/ directory. | |
| Author: Willi Ballenthin <[email protected]> | |
| Licence: Apache 2.0 | |
| ''' | |
| import idc | |
| import idaapi | |
| import idautils |
| import struct , sys , pefile , validators , re , base64 | |
| from capstone import * | |
| from capstone.x86 import * | |
| ''' | |
| Author: Mohamed Ashraf (@X__Junior) | |
| Usage: | |
| python3 Statc_Stealer.py path_to_sample | |
| ''' |
| # Opening lines of a script that loads the loldrivers.io driver list into $lolDriversJson; only this preamble is visible here. | |
| #Requires -Version 5.1 | |
| # Strict mode flags uses of uninitialised variables and similar mistakes; the 'stop' preference turns non-terminating errors into terminating ones. | |
| Set-StrictMode -Version 'latest' | |
| $ErrorActionPreference = 'stop' | |
| # Download only when no variable named lolDriversJson exists yet (presumably so a second run in the same session reuses the earlier download). | |
| if ( !(Test-Path -Path 'Variable:lolDriversJson' -PathType Leaf) ) { | |
| [datetime]::Now.ToString('o') | Write-Host -ForegroundColor Cyan | |
| 'downloading lolJdriver JSON' | Write-Host -ForegroundColor Cyan | |
| # NOTE(review): the feed is fetched at run time and used as returned; nothing visible here validates its shape or keeps a dated copy, so any later match results depend on what the endpoint serves at that moment. | |
| $lolDriversJson = Invoke-RestMethod -Method Get -Uri 'https://www.loldrivers.io/api/drivers.json' | |
| } |
| # Simple script to check drivers in C:\windows\system32\drivers against the loldrivers list | |
| # Author: Oddvar Moe - @oddvar.moe | |
| $drivers = get-childitem -Path c:\windows\system32\drivers | |
| $web_client = new-object system.net.webclient | |
| $loldrivers = $web_client.DownloadString(" https://www.loldrivers.io/api/drivers.json") | ConvertFrom-Json | |
| Write-output("Checking {0} drivers in C:\windows\system32\drivers against loldrivers.io json file" -f $drivers.Count) | |
| foreach ($lol in $loldrivers.KnownVulnerableSamples) | |
| { |
| # Simple script to check drivers in C:\windows\system32\drivers against the loldrivers list | |
| # Author: Oddvar Moe - @oddvar.moe | |
| $drivers = get-childitem -Path c:\windows\system32\drivers | |
| $web_client = new-object system.net.webclient | |
| $loldrivers = $web_client.DownloadString(" https://www.loldrivers.io/api/drivers.json") | ConvertFrom-Json | |
| Write-output("Checking {0} drivers in C:\windows\system32\drivers against loldrivers.io json file" -f $drivers.Count) | |
| foreach ($lol in $loldrivers.KnownVulnerableSamples) | |
| { |
| #include <Core.h> | |
| #include <Win32.h> | |
| #include <Structs.h> | |
| #include <Sleep.h> | |
| #include <Utils.h> | |
| SEC( text, C ) VOID Ekko ( DWORD SleepTime, PINSTANCE Instance) | |
| { |
| #include <Windows.h> | |
| #include <stdio.h> | |
| #define PRINTDEBUG(fmt, ...) printf(fmt "\n", ##__VA_ARGS__) | |
| #define NT_SUCCESS(Status) ((NTSTATUS)(Status) >= 0) | |
| #define WORKER_FACTORY_FULL_ACCESS 0xf00ff | |
| typedef struct _UNICODE_STRING { |
| # | |
| # ROGUE | |
| # | |
| # GuidePoint Security LLC | |
| # | |
| # Threat and Attack Simulation Team | |
| # | |
| import os | |
| import sys | |
| import click |