Skip to content

Instantly share code, notes, and snippets.

View nezlooy's full-sized avatar

fza nezlooy

104 followers · 161 following
View GitHub Profile
@WHW0x455
WHW0x455 / bypass_pac_in_jit_public.md
Last active February 26, 2026 08:32
Bypass PAC in JIT - CVE-2024-27834
@sroettger
sroettger / ierae_cet.md
Last active January 25, 2026 16:07

IERAE CTF 2024 - Intel CET Bypass Challenge

IERAE CTF had one of the coolest pwn challenges I've done in the while. It was written by hugeh0ge.

Here's the full source:

// gcc chal.c -fno-stack-protector -static -o chal
#include <stdio.h>
#include
@guest271314
guest271314 / javascript_engines_and_runtimes.md
Last active March 15, 2026 21:57
A list of JavaScript engines, runtimes, interpreters

V8 is Google’s open source high-performance JavaScript and WebAssembly engine, written in C++. It is used in Chrome and in Node.js, among others. It implements ECMAScript and WebAssembly, and runs on Windows 7 or later, macOS 10.12+, and Linux systems that use x64, IA-32, ARM, or MIPS processors. V8 can run standalone, or can be embedded into any C++ application.

SpiderMonkey is Mozilla’s JavaScript and WebAssembly Engine, used in Firefox, Servo and various other projects. It is written in C++, Rust and JavaScript. You can embed it into C++ and Rust projects, and it can be run as a stand-alone shell. It can also be [compiled](https://bytecodealliance.org/articles/making-javascript-run-fast-on

@fxthomas
fxthomas / vmmap.py
Last active July 19, 2024 11:06
Python analysis script for /proc/<pid>/maps data under Linux
#!/usr/bin/python
# coding=utf-8
"""Tool to analyze and display the contents of /proc/<pid>/maps"""
import re
import itertools
import argparse
from dataclasses import dataclass
@natowi
natowi / audio2midi.md
Last active March 11, 2026 23:11
List of open source audio to midi packages
@Jinmo
Jinmo / _.md
Last active September 29, 2025 23:06
C/C++ header to IDA

Usage

In IDAPython,

execfile('<path>/cxxparser.py')
parse_file('<path>/a.cpp',[r'-I<path>\LuaJIT-2.0.5\src', '-D__NT__', '-D__X64__', '-D__EA64__'])
parse_file('<path>/malloc.c',['-target=x86_64-linux-gnu'])
@richinseattle
richinseattle / LaunchWinAFL.java
Last active January 14, 2025 18:12
// Launch WinAFL with current function as hook location
//@author richinseattle
//@category _NEW_
//@keybinding
//@menupath
//@toolbar
// Usage:
// Install DynamoRIO and WinAFL
// Add LaunchWinAFL to Ghidra scripts
@cmatthewbrooks
cmatthewbrooks / hello_world_plugin.py
Created April 25, 2019 12:41
The simplest possible IDA plugin with multiple actions
##############################################################################
#
# Name: hello_world_plugin.py
# Auth: @cmatthewbrooks
# Desc: A test plugin to learn how to make these work; Specifically, how to
# have multiple actions within the same plugin.
#
# In plain English, IDA will look for the PLUGIN_ENTRY function which
# should return a plugin object. This object can contain all the
# functionality itself, or it can have multiple actions.
@allenyllee
allenyllee / install_tools.sh
Last active February 19, 2026 21:09
mount vhdx in linux
#!/bin/bash
# install qemu utils
sudo apt install qemu-utils
# install nbd client
sudo apt install nbd-client
@patois
patois / listkmods.py
Last active January 11, 2025 00:47
ida/vmware kernel debugging helper
from idaapi import *
# with code taken from
# - http://hexblog.com/idapro/vmware_modules.py
# - HexRays forum
# - https://gist.github.com/nmulasmajic/f90661489f858237bcd68fbde5516abd#file-find_nt_imagebase_x64-py
class LoadedModulesList(Choose2):
def __init__(self, title, modlistEA=BADADDR, flags=0, width=None, height=None, embedded=False, modal=False):