Alexander Gantimurov av-gantimurov

  • Angara MTDR Security
@herrcore
herrcore / pemulator.py
Last active May 6, 2026 23:08
Simple class for loading a PE file in Unicorn
from typing import List
from capstone import *
from capstone.x86 import *
from unicorn import *
from unicorn.x86_const import *
from pefile import PE
class Emulator():
@emanuellopes
emanuellopes / gmk87-manual.md
Last active September 25, 2025 15:13 — forked from Joao-Peterson/gmk67-manual.md
GMK67 manual (English)
@tothi
tothi / ms-msdt.MD
Last active June 16, 2025 21:37
The MS-MSDT 0-day Office RCE Proof-of-Concept Payload Building Process

MS-MSDT 0-day Office RCE

MS Office docx files may contain external OLE Object references as HTML files. There is an HTML scheme "ms-msdt:" which invokes the msdt diagnostic tool, which is capable of executing arbitrary code (specified in parameters).

The result is a terrifying attack vector for getting RCE through opening malicious docx files (without using macros).

Here are the steps to build a Proof-of-Concept docx:

  1. Open Word (used up-to-date 2019 Pro, 16.0.10386.20017), create a dummy document, insert an (OLE) object (as a Bitmap Image), and save it as docx.
@kepano
kepano / obsidian-web-clipper.js
Last active June 13, 2026 15:45
Obsidian Web Clipper Bookmarklet to save articles and pages from the web (for Safari, Chrome, Firefox, and mobile browsers)
javascript: Promise.all([import('https://unpkg.com/turndown@6.0.0?module'), import('https://unpkg.com/@tehshrike/readability@0.2.0'), ]).then(async ([{
default: Turndown
}, {
default: Readability
}]) => {
/* Optional vault name */
const vault = "";
/* Optional folder name such as "Clippings/" */
@jmablog
jmablog / shortcodes.lua
Created January 30, 2021 17:23
A Pandoc lua filter that applies Pandoc fenced Div styling (https://pandoc.org/MANUAL.html#divs-and-spans) to Word and Latex/PDF output, as well as HTML.
function Div (elem)
if FORMAT:match 'docx' then
if elem.classes[1] == "notes" then
elem.attributes['custom-style'] = 'Notes'
return elem
else
return elem
end
elseif FORMAT:match 'latex' then
if elem.classes[1] == "notes" then
@OALabs
OALabs / revil_strings.py
Created January 26, 2020 22:13
Decrypt REvil ransomware strings with IDA Python
import idaapi, idc, idautils
class DecryptorError(Exception):
pass
def rc4crypt(key, data):
x = 0
box = range(256)
@icecr4ck
icecr4ck / ida_mc_notes.md
Last active May 28, 2026 00:01
Some notes about the IDA Microcode (intermediate language).
@OALabs
OALabs / rc4.py
Created June 2, 2019 22:55
RC4 Crypto Python Module (probably stolen from stack overflow but it's been so long I can't remember)
#! /usr/bin/env python
##########################################################################################
##
## RC4 Crypto
##
##########################################################################################
def rc4crypt(key, data):
@huntrar
huntrar / full-disk-encryption-arch-uefi.md
Last active May 19, 2026 13:10
Arch Linux Full-Disk Encryption Installation Guide [Encrypted Boot, UEFI, NVMe, Evil Maid]

Arch Linux Full-Disk Encryption Installation Guide

This guide provides instructions for an Arch Linux installation featuring full-disk encryption via LVM on LUKS and an encrypted boot partition (GRUB) for UEFI systems.

Following the main installation are further instructions to harden against Evil Maid attacks via UEFI Secure Boot custom key enrollment and self-signed kernel and bootloader.

Preface

You will find most of this information pulled from the Arch Wiki and the other resources it links to.

Note: The system was installed on an NVMe SSD, substitute /dev/nvme0nX with /dev/sdX or your device as needed.