MRW01F
/ ASLR_DEP.ps1
Created
April 26, 2023 11:02
A powershell script to Enable/Disable, ASLR & DEP. Mainly for security testing purpose. !!! DO NOT RUN THIS SCRIPT ON PERSONAL/WORK DEVICE !!!
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Prompt the user for input | |
| $choice = Read-Host "Enter 1 to enable DEP and ASLR, 2 to disable DEP and ASLR" | |
| if ($choice -eq "1") { | |
| # Enable DEP and ASLR | |
| Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" -Name "MoveImages" -Value 1 | |
| bcdedit.exe /set {current} nx AlwaysOn | |
| Write-Host "DEP and ASLR have been enabled." | |
| } | |
| elseif ($choice -eq "2") { |
MRW01F
/ revil_import_builder.py
Created
November 11, 2022 13:21
— forked from OALabs/revil_import_builder.py
IDA Python script to decipher and label REvil imports
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import json | |
| # fn_name = "wsprintfW" | |
| # api_hash = 0x0B6D391AE | |
| export_db = {} | |
| def get_api_hash(fn_name): | |
| result = 0x2b | |
| for c in fn_name: |
MRW01F
/ OrionImprovementBusinessLayer.cs
Created
April 23, 2022 17:15
— forked from wataf1/OrionImprovementBusinessLayer.cs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Collections.Generic; | |
| using System.Configuration; | |
| using System.Diagnostics; | |
| using System.IO; | |
| using System.IO.Compression; | |
| using System.IO.Pipes; | |
| using System.Linq; | |
| using System.Management; | |
| using System.Net; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Create file with requred size (replace 512 with whatever you want) | |
| dd if=/dev/zero of=/swapfile bs=1M count=512 status=progress | |
| # Changing permission | |
| chmod 600 /swapfile | |
| # make it a swap file | |
| mkswap /swapfile | |
| # Turning on the swipe |