green flow color: #001e00
red flow color: #1e0000
ntpower 0xntpower
0xntpower
/ Configure-WindowsUpdate-NoAutoReboot.ps1
Created
May 10, 2026 21:47
Auto-patch, never auto-reboot. A self-verifying Windows 11 Update policy script.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .SYNOPSIS | |
| Configures Windows 11 Enterprise to auto-install updates without ever auto-rebooting. | |
| .DESCRIPTION | |
| - Enables fully automatic download + scheduled install of Windows Updates. | |
| - Disables every known auto-reboot path: logged-on-user reboots, scheduled-time | |
| reboots, deadline-forced reboots, and the UpdateOrchestrator reboot tasks. | |
| - Verifies all settings after applying and prints a pass/fail report. |
0xntpower
/ pr_to_markdown.py
Created
March 16, 2026 17:38
Dumps all review comments from a GitHub PR into a structured markdown file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| PR Review Comments to Markdown Exporter | |
| Dumps all review comments from a GitHub PR into a structured markdown file | |
| that can be fed to Claude Code for assistance in implementing fixes. | |
| Requirements: | |
| - GitHub CLI (gh) installed and authenticated | |
| - Python 3.7+ |
0xntpower
/ EntropyCalc.py
Created
February 11, 2026 08:54
A tool to compute Shannon entropy score of a file
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import sys | |
| import math | |
| import argparse | |
| from pathlib import Path | |
| from collections import Counter | |
| from typing import NoReturn | |
| try: |
0xntpower
/ IDAFlowColoring.md
Last active
February 6, 2026 12:46
Standardizing my coloring of flows for IDA graph view reverse engineering
0xntpower
/ accept_sysinternals_eula.py
Created
December 16, 2025 18:24
Pre-accept Sysinternals EULAs for every .exe in a folder — writes HKCU\Software\Sysinternals\<tool>\EulaAccepted=1 and (when run elevated) sets the same for loaded HKU hives.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """ | |
| accept_sysinternals_eula.py | |
| Set Sysinternals EulaAccepted=1 for every .exe in the current (or given) folder. | |
| Run as admin to write HKU entries for other loaded user hives (including .DEFAULT). | |
| """ | |
| from pathlib import Path | |
| import argparse |
0xntpower
/ PhysicalMemory.c
Last active
March 8, 2026 20:39
Translating VMA to PMA manually, allows to translate VMA of another process remotely, code from https://www.unknowncheats.me/forum/general-programming-and-reversing/523359-introduction-physical-memory.html
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <ntddk.h> | |
| #include <intrin.h> | |
| #include "PhysicalMemory.h" | |
| DRIVER_INITIALIZE DriverEntry; | |
| #ifdef ALLOC_PRAGMA | |
| #pragma alloc_text( INIT, DriverEntry ) | |
| #endif // ALLOC_PRAGMA |
0xntpower
/ HashCalculator.c
Last active
June 13, 2024 13:23
A mass hash calculation tool that calculates the hash of all the files in a given directory and prints them in a form of an array
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <Windows.h> | |
| // djb2 | |
| ULONG CalcMemHash(const PUCHAR data, size_t size) { | |
| ULONG hash = 5381; | |
| for (size_t i = 0; i < size; ++i) { | |
| hash = ((hash << 5) + hash) + data[i]; | |
| } |
0xntpower
/ RemoteShellcodeExec.c
Created
December 23, 2023 12:21
Execute shellcode inside the memory space of a remote process
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <Windows.h> | |
| unsigned char buf[] = "..."; // Paste your shellcode here | |
| int main(int argc, char** argv) | |
| { | |
| // Get the process ID of the target process | |
| DWORD targetProcessId = 00000; |
0xntpower
/ SelfShellcodeExec.c
Last active
March 8, 2026 20:39
Execute shellcode in the memory space of the current process
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <Windows.h> | |
| unsigned char buf[] = "..."; // Paste your shellcode here | |
| int main(int argc, char** argv) | |
| { | |
| // Allocate memory for shellcode inside our local process | |
| void* shllCodeBuff = VirtualAlloc(0, sizeof(buf), MEM_COMMIT, PAGE_EXECUTE_READWRITE); | |
| if (shllCodeBuff == NULL) |
NewerOlder