Some notes, tools, and techniques for reverse engineering Golang binaries.
MrRunt1me affilares
affilares
/ reverse-engineering-golang.md
Created
February 5, 2026 19:10
— forked from 0xdevalias/reverse-engineering-golang.md
Some notes, tools, and techniques for reverse engineering Golang binaries
affilares
/ DecompilerExporter.java
Created
June 18, 2025 04:57
— forked from borzacchiello/DecompilerExporter.java
Ghidra script to export C pseudo-code on multiple files, including defined types
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* ### | |
| * IP: GHIDRA | |
| * | |
| * Licensed under the Apache License, Version 2.0 (the "License"); | |
| * you may not use this file except in compliance with the License. | |
| * You may obtain a copy of the License at | |
| * | |
| * http://www.apache.org/licenses/LICENSE-2.0 | |
| * | |
| * Unless required by applicable law or agreed to in writing, software |
affilares
/ machineKeyFinder.aspx
Created
August 2, 2024 13:00
— forked from irsdl/machineKeyFinder.aspx
To find validation and decryption keys when AutoGenerate has been used in Machine Key settings
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <%@ Page Language="C#" %> | |
| <% | |
| // Read https://soroush.secproject.com/blog/2019/05/danger-of-stealing-auto-generated-net-machine-keys/ | |
| Response.Write("<br/><hr/>"); | |
| byte[] autoGenKeyV4 = (byte[]) Microsoft.Win32.Registry.GetValue("HKEY_CURRENT_USER\\Software\\Microsoft\\ASP.NET\\4.0.30319.0\\", "AutoGenKeyV4", new byte[]{}); | |
| if(autoGenKeyV4!=null) | |
| Response.Write("HKCU\\Software\\Microsoft\\ASP.NET\\4.0.30319.0\\AutoGenKeyV4: "+BitConverter.ToString(autoGenKeyV4).Replace("-", string.Empty)); | |
| Response.Write("<br/>"); | |
| byte[] autoGenKey = (byte[]) Microsoft.Win32.Registry.GetValue("HKEY_CURRENT_USER\\Software\\Microsoft\\ASP.NET\\2.0.50727.0\\", "AutoGenKey", new byte[]{}); | |
| if(autoGenKey!=null) |
affilares
/ user-name-rules.txt
Created
August 2, 2024 10:25
— forked from dzmitry-savitski/user-name-rules.txt
Generate user name lists suitable for brute force attacks from first name and last name using these John the Ripper rules
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Generate loins from First name & Last name wordlist (case insensitive) | |
| # https://dzmitry-savitski.github.io/2020/04/generate-a-user-name-list-for-brute-force-from-first-and-last-name | |
| [List.Rules:Login-Generator-i] | |
| # johndoe | |
| %1?w l Dp | |
| # john_doe | |
| %1?w l op_ |
affilares
/ Scrambled vs NetExec .md
Created
April 23, 2024 03:03
— forked from mpgn/Scrambled vs NetExec .md
Scrambled vs NetExec for fun and profit by @mpgn_x64
Let pwn the box Scrambled from HackTheBox using only NetExec ! For context, I was reading Scrambled writeup from 0xdf_ when I read this:
smbclient won’t work, and I wasn’t able to get crackmapexec to work either.
To be fair, at the time of his writeup it was true, but not anymore and it's pretty simple with NXC, 5 minutes and you get root :)
Note: I will pass the web part where we get one username : ksimpson
affilares
/ ghidra.py
Created
April 6, 2024 04:21
— forked from liba2k/ghidra.py
Script to run Ghidra from the command line including automatic analysis and lunching Ghidra for existing projects.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import os | |
| import sys | |
| import click | |
| import subprocess | |
| import tempfile | |
| import itertools as IT | |
| import select | |
| from time import sleep |
affilares
/ guid_reaper.py
Created
March 29, 2024 14:07
— forked from DanaEpp/guid_reaper.py
Tool to dump v1 GUIDs and generate a wordlist of GUIDs for use in bruteforce attacks against APIs with predictable GUIDs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/env python3 | |
| import argparse | |
| import datetime | |
| import re | |
| import sys | |
| import uuid | |
| ############################################################################### | |
| # Based off of Daniel Thatcher's guid tool |
affilares
/ fpm.py
Created
July 16, 2023 11:26
— forked from phith0n/fpm.py
Fastcgi PHP-FPM Client && Code Execution
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import socket | |
| import random | |
| import argparse | |
| import sys | |
| from io import BytesIO | |
| # Referrer: https://github.com/wuyunfeng/Python-FastCGI-Client | |
| PY2 = True if sys.version_info.major == 2 else False |
affilares
/ Mimikatz-cheatsheet
Created
July 3, 2023 18:39
— forked from insi2304/Mimikatz-cheatsheet
Mimikatz Cheat Sheet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #general | |
| privilege::debug | |
| log | |
| log customlogfilename.log | |
| #sekurlsa | |
| sekurlsa::logonpasswords | |
| sekurlsa::logonPasswords full |
affilares
/ dangerouspythonfunc.md
Created
June 25, 2023 14:14
— forked from mccabe615/dangerouspythonfunc.md
dangerous python function
• commands.getoutput • commands.getstatus • commands.getstatusouput • compile • cPickle.load • cPickle.loads • eval • exec • execfile • marshal.load
NewerOlder