denji

VMware VMX Configuration Parameters - Documentation

⚠️ WARNING: USE AT YOUR OWN RISK
These parameters are largely undocumented and unsupported by VMware. Always backup your .vmx files before making changes and test in non-production environments first.

Table of Contents

• File Format and Structure
• Basic Virtual Machine Configuration
• Hardware Configuration

todbot

# espnow-simple_hacky_receiver.py -- show ESPnow working broadcast on CircuitPython
# 9 Jul 2025 - @todbot
# tested on QTPY ESP32-S2 and FunHouse (ESP32-S2)
import time
import wifi
import espnow

# https://github.com/adafruit/circuitpython/issues/9380#issuecomment-2463013607
# hack to switch channel that is used for ESPNow
# this takes just a few milliseconds, so doesn't waste a lot of power

gremlinbeet

//
// onexit.h
//
// Defines ON_EXIT macro to create finalizer objects.
// These objects execute specified code when they go out of scope.
// 
// Useful when you can't be bothered writing RAII wrappers for every little thing in 3rd-party code,
// but still want to reduce cognitive load by not tracking stuff you might need to cleanup.
//
// Usage example:

gremlinbeet

// Pseudocode and structs for nt!PsSyscallProviderDispatch.
// For ntosknrl win11 24H2 10.0.26100.1742.
// Restored by Cyra, adjusted by @sixtyvividtails.
//
// See actual research:
// by @gal_kristal: https://gist.github.com/Kristal-g/eec050b3fcea2a77715ef0cff4acf841
// by @0xfluxsec: https://fluxsec.red/alt-syscalls-for-windows-11


// name's mine  // @gal_kristal: _PS_SYSCALL_PROVIDER_SERVICE_DESCRIPTOR_GROUP

smx-smx

XZ Backdoor symbol deobfuscation. Updated as i make progress

rbmm

void RemapSelfInternal(PVOID ImageBase, PVOID TempBase, ULONG SizeOfImage, HANDLE hSection)
{
	if (UnmapViewOfFile(ImageBase))
	{
		PVOID BaseAddress = ImageBase;
		SIZE_T ViewSize = SizeOfImage;

    // for x64 only, because we not pass address of ZwMapViewOfSection
		if (0 <= ZwMapViewOfSection(hSection, NtCurrentProcess(), &BaseAddress, 
			0, 0, 0, &ViewSize, ViewUnmap, 0, PAGE_EXECUTE_READWRITE) && ImageBase == BaseAddress)

rbmm

BOOL UnhookNT()
{
	BOOL fOk = FALSE;

	if (HMODULE hmod = GetModuleHandleW(L"ntdll"))
	{
		if (PIMAGE_NT_HEADERS pinth = RtlImageNtHeader(hmod))
		{

			PVOID BaseAddress = (PBYTE)hmod + pinth->OptionalHeader.BaseOfCode;

erwinkersten

Install WIndows Package Manager (winget) on Windows Server 2022

1. Download and install microsoft-ui-xaml
2. Download WinGet an License file
3. Install WinGet with License

Execute the following in Windows PowerShell (PowerShell 7 doesn't support the Appx module)

#Update versions, see https://github.com/microsoft/microsoft-ui-xaml/releases (grab Microsoft.UI.Xaml Winget may require a specific version) 

rbmm

#include "stdafx.h"

_NT_BEGIN

NTSTATUS CreatePlaceHolder(PCWSTR lpFileName, ULONG SizeOfImage)
{
	struct SEF : IMAGE_DOS_HEADER, IMAGE_NT_HEADERS, IMAGE_SECTION_HEADER
	{
	} y {};

monoxgas

using NtApiDotNet;
using NtApiDotNet.Ndr.Marshal;
using NtApiDotNet.Win32;
using NtApiDotNet.Win32.Rpc.Transport;
using NtApiDotNet.Win32.Security.Authentication;
using NtApiDotNet.Win32.Security.Authentication.Kerberos;
using NtApiDotNet.Win32.Security.Authentication.Kerberos.Client;
using NtApiDotNet.Win32.Security.Authentication.Kerberos.Server;
using NtApiDotNet.Win32.Security.Authentication.Logon;
using System;