red thing redthing1

  • the eternal wonders of space
  • California
@redthing1
redthing1 / commands.sh
Created September 5, 2024 15:16 — forked from williballenthin/commands.sh
Install IDA Pro under Wine in Docker
# build wine Docker image
pushd wine; docker build -t wine .; popd
# build x11 Docker image for IDA
pushd ida; docker build -t wine/ida .; popd
# demonstrate x11 forwarding works
docker run -ti --rm -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix wine/ida xclock
# interactive shell in container
redthing1 / binja_rpyc_snippet.py
Created September 4, 2024 07:12 — forked from hugsy/binja_rpyc_snippet.py
Run Binary Ninja headlessly using RPyC
import binaryninja
import threading
import typing
import logging
import rpyc
import rpyc.utils.helpers
import rpyc.utils.server
if typing.TYPE_CHECKING:
    import rpyc.core.protocol
redthing1 / covdiff.py
Created September 2, 2024 21:17 — forked from SiD3W4y/covdiff.py
Script diffing two sets of GBA basic block traces
import sys
def getvals(path):
    lines = open(path, "r").readlines()
    lst = []
    for line in lines:
        line = line.strip()
        if len(line) >= 10:
redthing1 / EndpointSecurityDemo.m
Created April 6, 2024 08:56 — forked from Omar-Ikram/EndpointSecurityDemo.m
A demo of using Apple's EndpointSecurity framework - tested on macOS Monterey 12.2.1 (21D62)
//
// main.m
// EndpointSecurityDemo
//
// Created by Omar Ikram on 17/06/2019 - macOS Catalina 10.15 Beta 1 (19A471t)
// Updated by Omar Ikram on 15/08/2019 - macOS Catalina 10.15 Beta 5 (19A526h)
// Updated by Omar Ikram on 01/12/2019 - macOS Catalina 10.15 (19A583)
// Updated by Omar Ikram on 31/01/2021 - macOS Big Sur 11.1 (20C69)
// Updated by Omar Ikram on 07/05/2021 - macOS Big Sur 11.3.1 (20E241)
// Updated by Omar Ikram on 04/07/2021 - macOS Monterey 12 Beta 2 (21A5268h)
redthing1 / library_injector.cpp
Created April 5, 2024 19:53 — forked from saagarjha/library_injector.cpp
Load a library into newly spawned processes (using DYLD_INSERT_LIBRARIES and EndpointSecurity)
// To compile: clang++ -arch x86_64 -arch arm64 -std=c++20 library_injector.cpp -lbsm -lEndpointSecurity -o library_injector,
// then codesign with com.apple.developer.endpoint-security.client and run the
// program as root.
#include <EndpointSecurity/EndpointSecurity.h>
#include <algorithm>
#include <array>
#include <bsm/libbsm.h>
#include <cstdint>
#include <cstdlib>
redthing1 / wget-snapshotpage.md
Created October 23, 2022 01:38 — forked from dannguyen/wget-snapshotpage.md
Use wget to snapshot a page and its necessary visual dependencies

Use wget to mirror a single page and its visible dependencies (images, styles)

Graphic via State of Florida CFO Vendor Payment Search (flair.myfloridacfo.com)

This is a quick command I use to snapshot webpages that have a fun image I want to keep for my own collection of WTFViz. Why not just right-click and save the image? Oftentimes, the webpage in which the image is embedded contains necessary context, such as captions and links to important documentation, just in case you forget what exactly that fun graphic was trying to explain.