Skip to content

Instantly share code, notes, and snippets.

View Techlord-RCE's full-sized avatar

Techlord-RCE

84 followers · 116 following
View GitHub Profile
@Techlord-RCE
Techlord-RCE / main.go
Created January 8, 2021 23:27 — forked from myrtus0x0/main.go
CRC32 brute force for dridex network requests
package main
import (
"fmt"
"hash/crc32"
)
const (
MAXCHARLEN = 6
)
@Techlord-RCE
Techlord-RCE / dll_exports.py
Created December 2, 2019 09:10 — forked from OALabs/dll_exports.py
Build dictionary of DLL exports (Windows API Names)
import os
import pefile
import json
INTERESTING_DLLS = [
'kernel32.dll', 'comctl32.dll', 'advapi32.dll', 'comdlg32.dll',
'gdi32.dll', 'msvcrt.dll', 'netapi32.dll', 'ntdll.dll',
'ntoskrnl.exe', 'oleaut32.dll', 'psapi.dll', 'shell32.dll',
'shlwapi.dll', 'srsvc.dll', 'urlmon.dll', 'user32.dll',
@Techlord-RCE
Techlord-RCE / exports.json
Created December 2, 2019 09:10 — forked from OALabs/exports.json
Common DLL exports (Windows API Names)
{"exports": ["A_SHAFinal", "A_SHAInit", "A_SHAUpdate", "AbortSystemShutdownA", "AbortSystemShutdownW", "AccessCheck", "AccessCheckAndAuditAlarmA", "AccessCheckAndAuditAlarmW", "AccessCheckByType", "AccessCheckByTypeAndAuditAlarmA", "AccessCheckByTypeAndAuditAlarmW", "AccessCheckByTypeResultList", "AccessCheckByTypeResultListAndAuditAlarmA", "AccessCheckByTypeResultListAndAuditAlarmByHandleA", "AccessCheckByTypeResultListAndAuditAlarmByHandleW", "AccessCheckByTypeResultListAndAuditAlarmW", "AddAccessAllowedAce", "AddAccessAllowedAceEx", "AddAccessAllowedObjectAce", "AddAccessDeniedAce", "AddAccessDeniedAceEx", "AddAccessDeniedObjectAce", "AddAce", "AddAuditAccessAce", "AddAuditAccessAceEx", "AddAuditAccessObjectAce", "AddConditionalAce", "AddMandatoryAce", "AddUsersToEncryptedFile", "AddUsersToEncryptedFileEx", "AdjustTokenGroups", "AdjustTokenPrivileges", "AllocateAndInitializeSid", "AllocateLocallyUniqueId", "AreAllAccessesGranted", "AreAnyAccessesGranted", "AuditComputeEffectivePolicyBySid", "AuditComputeEf
@Techlord-RCE
Techlord-RCE / revil_import_builder.py
Created December 2, 2019 09:08 — forked from OALabs/revil_import_builder.py
IDA Python script to decipher and label REvil imports
import json
# fn_name = "wsprintfW"
# api_hash = 0x0B6D391AE
export_db = {}
def get_api_hash(fn_name):
result = 0x2b
for c in fn_name:
@Techlord-RCE
Techlord-RCE / 8x1080.md
Created June 25, 2019 16:32 — forked from epixoip/8x1080.md
8x Nvidia GTX 1080 Hashcat Benchmarks
@Techlord-RCE
Techlord-RCE / rc4.py
Created June 18, 2019 08:22 — forked from OALabs/rc4.py
RC4 Crypto Python Module (probably stolen from stack overflow but it's been so long I can't remember)
#! /usr/bin/env python
##########################################################################################
##
## RC4 Crypto
##
##########################################################################################
def rc4crypt(key, data):
@Techlord-RCE
Techlord-RCE / iatp_autobuild.sh
Created May 30, 2019 01:08 — forked from hasherezade/iatp_autobuild.sh
A sample bash script to build IAT_Patcher on Linux
#!/bin/bash
echo "Trying to autobuild IAT_patcher..."
#QT check
QT_VER=`qmake -v`
QTV="version 4."
if echo "$QT_VER" | grep -q "$QTV"; then
echo "[+] Qt4 found!"
else
echo "[-] Qt4 NOT found!"
@Techlord-RCE
Techlord-RCE / GhidraDecompiler.java
Created April 11, 2019 23:05 — forked from guedou/GhidraDecompiler.java
Call the Ghidra decompiler from the command line
// Copyright (C) 2019 Guillaume Valadon <guillaume@valadon.net>
// This program is published under a GPLv2 license
/*
* Decompile a function with Ghidra
*
* analyzeHeadless . Test.gpr -import $BINARY_NAME -postScript GhidraDecompiler.java $FUNCTION_ADDRESS -deleteProject -noanalysis
*
*/
@Techlord-RCE
Techlord-RCE / boxstarter_oalabs_x86vm.ps1
Created March 27, 2019 16:40 — forked from OALabs/boxstarter_oalabs_x86vm.ps1
Boxstarter - One click malware analysis tools installer for 32bit VM
Set-ExecutionPolicy Unrestricted;
iex ((New-Object System.Net.WebClient).DownloadString('http://boxstarter.org/bootstrapper.ps1'));
get-boxstarter -Force;
Install-BoxstarterPackage -PackageName 'https://gist.githubusercontent.com/OALabs/afb619ce8778302c324373378abbaef5/raw/4006323180791f464ec0a8a838c7b681f42d238c/oalabs_x86vm.ps1';
@Techlord-RCE
Techlord-RCE / raspberry-pi-vpn-router.md
Created March 21, 2019 07:11 — forked from superjamie/raspberry-pi-vpn-router.md
Raspberry Pi VPN Router

Raspberry Pi VPN Router

This is a quick-and-dirty guide to setting up a Raspberry Pi as a "router on a stick" to PrivateInternetAccess VPN.

Requirements

Install Raspbian Jessie (2016-05-27-raspbian-jessie.img) to your Pi's sdcard.

Use the Raspberry Pi Configuration tool or sudo raspi-config to: