Netspooky's Blog


Welcome To My Cool New On-Line Web Site // 
Hello
Notes // 
Collection of notes, gists, threads, and other nuggets of info.
BGGP4: A 420 Byte Self-Replicating UEFI App For x64 // 
My BGGP4 entry
Bad Will b2b DJ XLAT - XMAS MEGA MIX // 
Stream from a holiday themed DJ set I did
easylkb: Easy Linux Kernel Builder // 
Build simple Debian-based Linux images for testing and debugging. From tmp.0ut Vol 3
LKM Golf // 
Creating tiny Linux Kernel Modules. From tmp.0ut Vol. 3
tmp.0ut Volume 3 // 
tmp.0ut 3 has 30 papers about Linux malware, exploits, file format hacking, and more. Go read them!!
BGGP4 Results // 
Results from the 4th annual Binary Golf Grand Prix
Bad Will x DJ XLAT - Live 7/1/23 // 
Stream from a DJ set I did
BGGP4 Announcement // 
Announcing the 4th annual Binary Golf Grand Prix: Replicate
netspooky/pdiff2 // 
A revised version of the pdiff tool
Protocol RE Talk // 
Slides, notes, and resources from a talk I did on Protocol RE
acble - Apple Continuity Dissector // 
Wireshark dissector for the Apple BLE Advertising Beacon protocol used by Airpods and other Apple devices
steel injection jungle mix // 
DJ Set - Jungle
scare - Simple Configurable Assembly REPL and Emulator // 
A multi-arch assembly REPL and emulator for your command line.
208 byte aarch64 ELF reverse shell // 
Playing around with golfing aarch64
netspooky/hexcalc // 
A small localhost hex calculator for your browser.
xx File Format // 
A file format for people who like to write in raw hex and draw pretty pictures.
BGGP3 Results // 
Results from the 3rd annual Binary Golf Grand Prix
BGGP3: LEMONADE.BIN // 
BGGP3 entry that DOSes Rizin and Radare2 with SOPHIE lyrics.
tmpout/elfs // 
A collection of interesting ELF files for inspiration and testing
yxd - Yuu's heX Dumper // 
A colorful hex dumping tool and library for your command line. Compatible with xxd!
Python3.7+ Multi-arch .pyc dropper // 
Using binary format handlers to run Python bytecode containing shellcode.
BGGP3 Announcement // 
Announcing the 3rd annual Binary Golf Grand Prix: Crash
kompaktblk Figlet Font // 
A small blocky figlet font.
uBLK Figlet Font // 
A blocky line based figlet font. Used on the BGGP3 announcement.
Wireshark is a lolbin // 
Tips n' Tricks for Wireshark, running arbitrary Lua scripts and DLLs
Packets Remystified: Broadcast Brujería // 
Different things you can do with broadcast and multicast protocols + tips on protocol design.
84 byte aarch64 ELF // 
A tiny ELF for 64 bit ARM, diagram and source. From tmp.0ut Vol. 2
BGGP2 Wrap Up // 
A write up about BGGP2: Polyglot. From tmp.0ut Vol 2
Elf Binary Mangling Pt. 4: Limit Break // 
An 82 byte ET_EXEC ELF for x86_64. From tmp.0ut Vol 2
Some ELF Parser Bugs // 
A whole bunch of bugs in different ELF parsers. From tmp.0ut Vol. 2
An ELF Palindrome for AMD64 // 
From PoC||GTFO 21. An updated version of the writeup for my BGGP2020 entry.
netspooky/importsort // 
A Python tool to group imports from multiple Windows binaries.
BGB Emulator Link Cable Protocol Dissector // 
A dissector for the TCP based link cable protocol used in the BGB emulator.
koholint Figlet Font // 
Based on the Link's Awakening font
six-fo Figlet Font // 
Based on the Nintendo 64 DD BIOS Font
BGGP2 Results // 
Detailed analysis of entries for the 2021 Binary Golf Grand Prix.
ns.bggp2021.asm // 
PE/PDF/JS Polyglot for BGGP2. 487 bytes.
PGStats Dissector // 
A dissector for the internal Postgres stats protocol.
ELF Binary Mangling Series // 
A blog series about making super small ELFs
netspooky/kimagure // 
Windows Shellcode and TinyPE generator tool.
BGGP2 Announcement // 
Announcing the 2nd annual Binary Golf Grand Prix: Polyglot
In-Memory Kernel Module Loading // 
tmp.0ut 1.9 - Article about loading LKMs in memory from a remote source.
Encoding Mutations: A Base64 Case Study // 
Writeup about (ab)using base64 implementations
Linux.Precinct3.asm // 
A Linux Based Data Destruction Tool for authorized users only. From tmp.0ut Vol 1
BGGP1 Results Stream // 
Video covering the results from the first BGGP.
Palindromic 64 bit ELF binaries // 
Entry for BGGP2020. A small ELF that executes the same backwards as it does forwards.
Hella Booters Talk (Defcon 28 IoT Village) // 
I discuss IoT Botnets, the botnet scene, and IoT security.
netspooky/pdiff // 
A revised version of the pdiff tool
BGGP1 Announcement // 
Announcing the 1st annual Binary Golf Grand Prix: Palindrome
Adventures in Binary Golf (AirGap2020) // 
A talk about the theory and practice of binary golf. From AirGap2020.
Exotic Mirai Targets // 
Examination of Mirai binaries that target lesser known CPU architectures.
Modern PE Mangling // 
Creating tiny Windows executables for Windows 10.
Intro to Firmware Analysis (PancakesCon2020) // 
Notes from my talk about analyzing firmware at PancakesCon 2020.
Intro To Assembly Optimization // 
A stream covering the basics of doing x86 assembly optimization and binary golf.
threatland/TL-BOTS // 
A curated collection of source code for various botnets.
netspooky/inhale // 
A malware static analysis and classification tool.
threatland/TL-TROJAN // 
A curated collection of source code for various RATs, stealers and other trojans.
Cisco SMI: Still Tippin' // 
Discussion of the current state of attacks on switches using Cisco Smart Install.
threatland/TL-FRAUD // 
A curated collection of fraud related tools for research.
netspooky/jloot // 
JIRA Secure Attachment Looter. Dump files via IDOR in self-hosted JIRA.
Cheatsheets // 
Various cheatsheets