xiofee
xiofee
/ .clang-format
Created
June 25, 2025 10:11
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| Language: Cpp | |
| Standard: Auto | |
| ColumnLimit: 120 | |
| UseTab: AlignWithSpaces | |
| TabWidth: 4 | |
| IndentWidth: 4 | |
| ObjCBlockIndentWidth: 4 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #define IOCTL_FLTMGR_LOAD /* 0x88004(557060) */ CTL_CODE(FILE_DEVICE_DISK_FILE_SYSTEM, 1, METHOD_BUFFERED, FILE_WRITE_ACCESS) | |
| #define IOCTL_FLTMGR_UNLOAD /* 0x88008(557064) */ CTL_CODE(FILE_DEVICE_DISK_FILE_SYSTEM, 2, METHOD_BUFFERED, FILE_WRITE_ACCESS) | |
| #define IOCTL_FLTMGR_LINK_HANDLE /* 0x8400C(540684) */ CTL_CODE(FILE_DEVICE_DISK_FILE_SYSTEM, 3, METHOD_BUFFERED, FILE_READ_ACCESS) | |
| #define IOCTL_FLTMGR_ATTACH_VOLUME /* 0x88010(557072) */ CTL_CODE(FILE_DEVICE_DISK_FILE_SYSTEM, 4, METHOD_BUFFERED, FILE_WRITE_ACCESS) | |
| #define IOCTL_FLTMGR_DETACH_VOLUME /* 0x88014(557076) */ CTL_CODE(FILE_DEVICE_DISK_FILE_SYSTEM, 5, METHOD_BUFFERED, FILE_WRITE_ACCESS) | |
| #define IOCTL_FLTMGR_SEND_MESSAGE /* 0x8801B(557083) */ CTL_CODE(FILE_DEVICE_DISK_FILE_SYSTEM, 6, METHOD_NEITHER, FILE_WRITE_ACCESS) | |
| #define IOCTL_FLTMGR_GET_MESSAGE /* 0x8401F(540703) */ CTL_CODE(FILE_DEVICE_DISK_FILE_SYSTEM, 7, METHOD_NEITHER, FILE_READ_ACCESS) | |
| #define IOCTL_FLTMGR_REPLY_MESSAGE /* 0x88023(557091) */ CTL_CODE(FILE_DEVICE_DISK_FILE_SYSTEM, 8, METHO |
xiofee
/ gist:5cef58906e081682a988e654169ac518
Created
August 21, 2024 11:00
Visual Studio 202 keyboard commands
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AddQuickFile | |
| Analyze.CancelCodeMetricsCalculation | |
| Analyze.ConfigureCodeCleanup | |
| Analyze.EBF.CancelRunningCodeAnalysis | |
| Analyze.ForProject | |
| Analyze.ForProject | |
| Analyze.ForSelectedProjects | |
| Analyze.ForSolution | |
| Analyze.ForSolution | |
| Analyze.ForSolution |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /bin/bash | |
| set -eu | |
| # find path to liblzma used by sshd | |
| path="$(ldd $(which sshd) | grep liblzma | grep -o '/[^ ]*')" | |
| # does it even exist? | |
| if [ "$path" == "" ] | |
| then |
xiofee
/ ida_fix_qstring.py
Last active
September 3, 2022 08:04
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # fix IDA error QString type | |
| import idc | |
| import ida_bytes | |
| import ida_segment | |
| def idc_get_item_size(addr): | |
| size = idc.get_item_size(addr) | |
| size = size if size > 0 else 0 | |
| return size |
xiofee
/ Enable-Unified-Log-Private-Data.mobileconfig
Created
July 15, 2022 04:40
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | |
| <plist version="1.0"> | |
| <dict> | |
| <key>PayloadContent</key> | |
| <array> | |
| <dict> | |
| <key>PayloadDisplayName</key> | |
| <string>ManagedClient logging</string> | |
| <key>PayloadEnabled</key> |
xiofee
/ xiofee.clang-format
Created
July 14, 2022 02:19
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| Language: Cpp | |
| BasedOnStyle: LLVM | |
| AccessModifierOffset: -2 | |
| AlignAfterOpenBracket: DontAlign | |
| AlignConsecutiveAssignments: true | |
| AlignConsecutiveDeclarations: true | |
| AlignEscapedNewlines: Right | |
| AlignOperands: true | |
| AlignTrailingComments: true |
xiofee
/ 1.Win10ApiSetMap.cpp
Last active
April 21, 2025 18:50
Windows 10 GetProcAddress with ApiSet Resolve
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // kernel32!GetProcAddress | |
| // kernelbase!GetProcAddress | |
| // ntdll!LdrGetProcedureAddressForCaller | |
| // ntdll!LdrpResolveProcedureAddress | |
| // ntdll!LdrpLoadForwardedDll | |
| // ntdll!LdrpPreprocessDllName | |
| // ntdll!LdrpApplyFileNameRedirection | |
| // ntdll!ApiSetResolveToHost | |
| // ntdll!ApiSetpSearchForApiSet | |
| // ntdll!ApiSetpSearchForApiSetHost |
xiofee
/ mainc.c
Created
October 14, 2021 03:01
— forked from jackullrich/mainc.c
Single Step Encryption/Decryption
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <Windows.h> | |
| LONG SingleStepEncryptDecrypt(EXCEPTION_POINTERS* ExceptionInfo); | |
| typedef VOID(__stdcall* Shellcode)(); | |
| LPBYTE ShellcodeBuffer; | |
| ULONG_PTR PreviousOffset; | |
| ULONG_PTR CurrentOffset; | |
| ULONGLONG InstructionCount; | |
| DWORD dwOld; |