Austin Hudson realoriginal
realoriginal
/ IntelPIN.cmake
Created
September 28, 2025 00:55
Updated IntelPIN with some fixes for the newer versions of PIN. Original from https://gist.github.com/mrexodia/f61fead0108603d04b2ca0ab045e0952
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Website: https://software.intel.com/content/www/us/en/develop/articles/pin-a-binary-instrumentation-tool-downloads.html | |
| # License: https://software.intel.com/sites/landingpage/pintool/pinlicense.txt | |
| # This snippet: https://gist.github.com/mrexodia/f61fead0108603d04b2ca0ab045e0952 | |
| # TODO: lunix support | |
| # Thanks to Francesco for showing me this method | |
| CPMAddPackage( | |
| NAME IntelPIN | |
| VERSION 3.31 | |
| URL https://software.intel.com/sites/landingpage/pintool/downloads/pin-external-3.31-98869-gfa6f126a8-msvc-windows.zip |
realoriginal
/ savepe32.go
Created
September 11, 2024 11:17
Adds `save_pe32` functionality to UTK so I can more easily experiment with UEFI firmware from the command line without legacy UEFItool
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Copyright 2018 the LinuxBoot Authors. All rights reserved | |
| // Use of this source code is governed by a BSD-style | |
| // license that can be found in the LICENSE file. | |
| package visitors | |
| import ( | |
| "errors" | |
| "os" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .section .text$C | |
| .global GetIp | |
| GetIp: | |
| bl _next_instruction | |
| _next_instruction: | |
| mov x0, lr | |
| sub x0, x0, _next_instruction - GetIp | |
| ret |
realoriginal
/ CtlInject_Legacy.c
Created
October 26, 2023 15:41
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /*! | |
| * | |
| * ROGUE | |
| * | |
| * GuidePoint Security LLC | |
| * | |
| * Threat and Attack Simulation Team | |
| * | |
| !*/ |
realoriginal
/ agent_proc_list_tab.py
Created
September 15, 2023 14:32
Example elements for displaying information back to the client and right-click-opt
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # -*- coding:utf-8 -*- | |
| import PyQt5 | |
| import qtinter | |
| import asyncio | |
| class AgentProcListTab( PyQt5.QtWidgets.QWidget ): | |
| """ | |
| Tasks the specified agent with requesting a process listing against the | |
| specified agent and executes the rendered results. |
realoriginal
/ export_payload_dialog.py
Created
July 24, 2023 14:15
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import asyncio | |
| import qtinter | |
| import ipaddress | |
| from PyQt5.QtWidgets import * | |
| from PyQt5.QtCore import * | |
| from PyQt5.QtGui import * | |
| class ExportPayloadDialog( QObject ): | |
| """ |
realoriginal
/ extc2.py
Created
May 17, 2023 21:06
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # ROGUE | |
| # | |
| # GuidePoint Security LLC | |
| # | |
| # Threat and Attack Simulation Team | |
| # | |
| import os | |
| import sys | |
| import click |
realoriginal
/ Entry.c
Last active
July 16, 2025 05:13
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| D_SEC( A ) NTSTATUS NTAPI Entry( _In_ PVOID Parameter ) | |
| { | |
| PARSED_BUF Psr; | |
| UINT32 Wrt = 0; | |
| PARG Arg = NULL; | |
| LPWSTR Nps = NULL; | |
| HANDLE Pip = NULL; |
realoriginal
/ Entry.c
Created
March 29, 2023 16:40
TLDR: How a socks proxy client is written to tunnel connections from a 'teamserver' to an agent.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /*! | |
| * | |
| * RPROXICMP | |
| * | |
| * GuidePoint Security LLC | |
| * | |
| * Threat and Attack Simulation Team | |
| * | |
| !*/ |