import random
import argparse
import tempfile
import ipaddress
from time import sleep
from shlex import split
from os import path, remove
from scapy.all import sniff
from threading import Thread
from subprocess import Popen, PIPE
dadevel / impacket-aeskey.py
Last active December 10, 2024 21:09
Impacket AES Key Calculator
#!/usr/bin/env python3
from argparse import ArgumentParser
from binascii import unhexlify, hexlify
import json
from impacket.krb5.constants import EncryptionTypes
from impacket.krb5.crypto import string_to_key
# source: https://snovvcrash.rocks/2021/05/21/calculating-kerberos-keys.html
# usage: ./impacket-aeskey.py -d corp.local -c srv01 -p 8bd8406a...
namazso / CMakeLists.txt
Created March 26, 2024 10:22
Universal function proxy
cmake_minimum_required(VERSION 3.28)
project(untitled C ASM)
set(CMAKE_CXX_STANDARD 17)
set(CMAKE_ASM_COMPILE_OPTIONS_MSVC_RUNTIME_LIBRARY_MultiThreaded "")
set(CMAKE_ASM_COMPILE_OPTIONS_MSVC_RUNTIME_LIBRARY_MultiThreadedDLL "")
set(CMAKE_ASM_COMPILE_OPTIONS_MSVC_RUNTIME_LIBRARY_MultiThreadedDebug "")
set(CMAKE_ASM_COMPILE_OPTIONS_MSVC_RUNTIME_LIBRARY_MultiThreadedDebugDLL "")
HackingLZ / vdm_lua_extract.py
Last active December 31, 2024 05:25
VDM Lua Extractor
### Original script and research by commial
### https://github.com/commial/experiments/tree/master/windows-defender
### Set LUADec_Path to the path of the luadec binary
### https://github.com/viruscamp/luadec
import struct
import argparse
import sys
import os
import io
import subprocess
EvanMcBroom / pic-and-string-literals-2.md
Last active April 11, 2025 04:49
Pic and String Literals Part 2

PIC and String Literals Part 2

I previously wrote about how to use macro metaprogramming to simplify using string literals in position independent code (PIC). The results are summarized in the code snippet below, and the article can be read on GitHub.

void f() {
    // Example 1: The Pic idiom for instantiating a string
    char picString1[]{ 'a', 'b', 'c' };
EvanMcBroom / pic-and-string-literals.md
Last active March 6, 2025 07:34
Position Independent Code and String Literals

Position Independent Code and String Literals

A common programming idiom when writing position independent code (PIC) is to expand a string literal into its individual characters when instantiating a local variable.

void f() {
    // Example 1: A normal instantiation with a string literal
    char a[]{ "a long string" };

 // Example 2: The Pic idiom for instantiating a string
Nexact / EtwpCreateEtwThread.rs
Created October 13, 2020 21:44
Classic Windows process injection written in Rust using EtwpCreateEtwThread & a XOR routine to decrypt shellcode.
#![windows_subsystem = "windows"]
extern crate libc;
use std::os::raw::{c_void, c_int};
use std::{ptr, thread, time};
#[link(name = "kernel32")]
#[link(name = "user32")]
extern "stdcall" {
pub fn LoadLibraryA(lpFileName: *const u8) -> *const usize;
pub fn GetProcAddress(hModule: *const usize, lpProcName: *const u8) -> *const usize;
#include <stdio.h>
#include <Windows.h>
#include <MSCorEE.h>
#include <MetaHost.h>
#include <evntprov.h>
int main()
{
ICLRMetaHost* metaHost = NULL;
IEnumUnknown* runtime = NULL;