Archive for the ‘Programming’ Category

Bitwise operations with Python

September 14, 2015

http://blog.didierstevens.com/programs/translate/

Translate.py is a Python script to perform bitwise operations on files (like XOR, ROL/ROR, …). You specify the bitwise operation to perform as a Python expression, and pass it as a command-line argument.

translate.py malware malware.decoded 'byte ^ 0x10'
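
The idea of evaluating one expression per input byte, as an added sketch that is not Translate.py's own code: the names `translate`, `rol`, `ror` and `position` are assumptions of this example, and the sample buffer is constructed.

```python
"""Added illustration: apply a per-byte Python expression to a buffer."""


def rol(byte, count):
    """Rotate an 8-bit value left by count bits."""
    count %= 8
    return ((byte << count) | (byte >> (8 - count))) & 0xFF


def ror(byte, count):
    """Rotate an 8-bit value right by count bits."""
    return rol(byte, 8 - (count % 8))


def translate(data, expression):
    """Return data with expression evaluated once per input byte.

    The expression sees `byte` (0-255), `position` (offset in data) and
    the rol/ror helpers. eval() is not a sandbox: only pass expressions
    you typed yourself, never text lifted from the sample under analysis.
    """
    code = compile(expression, "<expression>", "eval")
    names = {"__builtins__": {}, "rol": rol, "ror": ror}
    out = bytearray(len(data))
    for position, byte in enumerate(data):
        names["byte"] = byte
        names["position"] = position
        value = eval(code, names)
        if not isinstance(value, int):
            raise TypeError(
                f"expression returned {type(value).__name__} at offset {position}"
            )
        out[position] = value & 0xFF  # wrap into byte range, e.g. after byte + 1
    return bytes(out)


# Constructed sample: ASCII text XOR-ed with 0x10, standing in for the
# contents of an encoded file read with open(path, "rb").read().
PLAINTEXT = b"This program cannot be run in DOS mode."
ENCODED = bytes(b ^ 0x10 for b in PLAINTEXT)

if __name__ == "__main__":
    print(translate(ENCODED, "byte ^ 0x10"))
    # Rotations are undone by rotating the other way.
    print(translate(translate(PLAINTEXT, "rol(byte, 3)"), "ror(byte, 3)"))
```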


Direct download: https://didierstevens.com/files/software/translate_v2_0_0.zip
Categories: Python

Python pip and vcvarsall on Windows

April 9, 2015

Linking to this SO answer and re-posting it here, as I seem to search for it every few weeks or so:

For Windows installations:

While running setup.py for package installations, Python 2.7 searches for an installed Visual Studio 2008. You can trick Python into using a newer Visual Studio by setting the correct path in the VS90COMNTOOLS environment variable before calling setup.py.

Execute the following command based on the version of Visual Studio installed:

  • Visual Studio 2010 (VS10): SET VS90COMNTOOLS=%VS100COMNTOOLS%
  • Visual Studio 2012 (VS11): SET VS90COMNTOOLS=%VS110COMNTOOLS%
  • Visual Studio 2013 (VS12): SET VS90COMNTOOLS=%VS120COMNTOOLS%
Categories: Programming, Python, Tech, Windows

Visualizing Garbage Collection

February 16, 2015

Visual guide to understanding garbage collection algorithms!

Categories: Programming, Tech

Data::Dumper formatting

October 8, 2014

I look this up about every couple weeks, so I’m posting it here for posterity. In order to nicely format Data::Dumper output…

I almost always set

$Data::Dumper::Indent = 1;
$Data::Dumper::Sortkeys = 1;

with Data::Dumper. The first statement makes the output more compact and much more readable when your data structure is several levels deep. The second statement makes it easier to scan the output and quickly find the keys you are most interested in.

If the data structure contains binary data or embedded tabs/newlines, also consider

$Data::Dumper::Useqq = 1;

which will output a suitable readable representation for that data.

Much more in the perldoc.

Categories: Perl, Tech

Free Online CTF and Penetration Testing Course

June 14, 2014

Trail of Bits is offering a free online CTF and penetration testing course. Lots of great material from a well-respected organization.

Avoid unsafe functions with Microsoft’s ‘banned.h’

March 27, 2014

banned.h is an import header file to include in your Windows C++ projects to help avoid introducing security flaws into your application.

The banned.h header file is a sanitizing resource designed to help developers avoid using banned functions, and to help identify and remove them from code where they may lead to vulnerabilities. Banned functions are calls that have been deemed dangerous because they make it relatively easy to introduce vulnerabilities into code during development. For example, if a developer decides to use the strcpy function in their code, using banned.h in the same application will generate error(s) when it's recompiled, telling the developer that strcpy has been deprecated. When the developer investigates why the error is being generated, they will likely figure out that strcpy has been replaced with a more secure version called strcpy_s, which makes it more difficult to make mistakes that lead to simple buffer overflows.

Categories: C/C++, Programming, Tech

Debugger Detection in Windows

March 15, 2014

Some thorough documentation on anti-debugging techniques in Windows:

Categories: Disassembly, Programming, Tech