Skip to content

Instantly share code, notes, and snippets.

View avestura's full-sized avatar
🍀
tell me about the odds

Avestura avestura

🍀
tell me about the odds
269 followers · 92 following
View GitHub Profile
@avestura
avestura / README.md
Last active April 6, 2025 07:34
Test yara rules

YARA Rules Tests

We have two folders called:

  • yararules: here we put our custom yara rules
  • yararules.test: here we put the test cases for the yararules custom yaras

For each .yar file inside the yararules folder, we should create a folder with the same name as the yara file inside the yararules.test/testcases folder.

  • If the test case file starts with ok-* it means that the file should not match the yara file.
@avestura
avestura / shirini-preventer.ahk
Created March 11, 2025 08:26
Protects your system from intruders who want "Shirini" from you
#Requires AutoHotkey v2.0
#Include RegExHotstring.ahk
#SingleInstance Force
RegExHotstring("([s$]+)(h+)([i!]+)(r+)([i!]+)(n+)([i!]+)", (m) => DllCall("LockWorkStation"), "* ?")
RegExHotstring("(ش+)(ی+)(ر+)(ی+)(ن+)(ی+)", (m) => DllCall("LockWorkStation"), "* ?")
RegExHotstring("(b+)(a+)(s+)(t+)(a+)(n+)([i!]+)", (m) => DllCall("LockWorkStation"), "* ?")
RegExHotstring("(ب+)(س+)(ت+)(ن+)(ی+)", (m) => DllCall("LockWorkStation"), "* ?")
RegExHotstring("(m+)(i+)(d+)(a+)(m+)", (m) => DllCall("LockWorkStation"), "* ?")
@avestura
avestura / gitlab-deps.tpl
Created January 7, 2025 16:50
Gitlab Template for Aqua Trivy that outputs dependency_scanning report instead of container_scanning
{{- /* Template based on https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#reports-json-format */ -}}
{
"version": "15.0.7",
"scan": {
"analyzer": {
"id": "trivy",
"name": "Trivy",
"vendor": {
"name": "Aqua Security"
},
@avestura
avestura / .gitconfig
Last active January 19, 2025 20:33
Avestura's Git Config
[core]
editor = nvim
[status]
short = true
branch = true
[url "https://"]
insteadOf = git://
[url "https://github.com/"]
@avestura
avestura / why-go-bad.md
Last active April 17, 2025 14:37
The reasons why Golang is a bad language, according to my friend.

Written by @trgwii, not me:

Why Go is bad?

"If Go wasn't made by Google, what would be bad about it?" Stafn asked.

And this is the response from Thomas:

  1. uncomposable error handling, this is like being back to:
@avestura
avestura / youtube-block-bypass.js
Created December 28, 2023 19:23
YouTube follow "continue" param
document.location = decodeURI(new URLSearchParams(window.location.search).get("continue"))
@avestura
avestura / windows-slow-down-process.ps1
Last active August 11, 2023 15:24
Slow down a Windows process by constantly suspend and resuming the process
# use pssuspend to suspend and resume a process
# download at SysInternals Process Utilities
# https://learn.microsoft.com/en-us/sysinternals/downloads/pssuspend
$targetProcessId = 102030
$freezeMS = 1000
$resumeMS = 1
while($true) {
pssuspend.exe $targetProcessId
@avestura
avestura / dragon-recurse.js
Created May 5, 2023 20:16
const getDragon2 = n => {
const getDragonRecurse = (n, complement) => {
if(n === 1) {
return complement ? [0] : [1]
}
const right = getDragonRecurse(n - 1, complement);
const left = getDragonRecurse(n - 1, !complement);
return complement ? [...right, 0, ...left] : [...left, 1, ...right]
}
@avestura
avestura / write-dragon.js
Last active May 5, 2023 17:00
Get a "V" and "P" representation of dragon fractal
const getDragonBit = (n) => {
while ((n & 1) == 0) {
n = n >> 1;
}
return 1 - ((n >> 1) & 1)
}
const getDragon = n => {
let str = ""
for (i = 1; i < Math.pow(2, n); i++) {
@avestura
avestura / cpu-affinity-test.fs
Created April 26, 2023 17:35
CPU Affinity Test
open System
open System.Linq
open System.Diagnostics
// change cpu affinity while app is running
// run in debug mode: optimizations off
printfn "Press enter to continue"