Dave Hull davehull

Work Accounts: https://github.com/davehull-wiz https://github.com/davehull-rc

274 followers · 71 following

Various and sundry
I am from enternetz
http://trustedsignal.blogspot.com/

View GitHub Profile

Recently created

Least recently created

Recently updated

Least recently updated

davehull / list.md

Created August 13, 2022 22:53 — forked from ih2502mk/list.md

Quantopian Lectures Saved

Lecture 1: Introduction to Research — [📝Lecture Notebooks] [▶️Video]
Lecture 2: Introduction to Python — [📝Lecture Notebooks] [▶️Video]
Lecture 3: Introduction to NumPy — [📝Lecture Notebooks] [▶️Video]
Lecture 4: Introduction to pandas — [📝Lecture Notebooks] [▶️Video]
Lecture 5: Plotting Data — [📝Lecture Notebooks] [[▶️Vide

davehull / memdumppe.py

Created July 18, 2020 04:05 — forked from williballenthin/memdumppe.py

Dump some PE file features from memory images.

	#!/usr/bin/env python2
	'''
	Dump some PE file features from memory images.

	author: Willi Ballenthin
	email: [email protected]
	website: https://gist.github.com/williballenthin/cbc102d561e2eb647f7aec3c3753ba55
	'''
	import os
	import sys

davehull / ASR Rules Bypass.vba

Created March 4, 2019 16:04

ASR rules bypass creating child processes

	' ASR rules bypass creating child processes
	' https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction
	' https://www.darkoperator.com/blog/2017/11/11/windows-defender-exploit-guard-asr-rules-for-office
	' https://www.darkoperator.com/blog/2017/11/6/windows-defender-exploit-guard-asr-vbscriptjs-rule

	Sub ASR_blocked()
	Dim WSHShell As Object
	Set WSHShell = CreateObject("Wscript.Shell")
	WSHShell.Run "cmd.exe"
	End Sub

davehull / Get-ClrReflection.ps1

Created October 25, 2017 02:12 — forked from dezhub/Get-ClrReflection.ps1

	function Get-ClrReflection
	{
	<#
	.SYNOPSIS

	Detects memory-only CLR (.NET) modules

	Author: Joe Desimone (@dez_)
	License: BSD 3-Clause