With the recent CTFs I’ve played, I thought of coding an app to calculate big numbers easily, instead of programming it by hand each time. At times playing with big numbers is painful. I have written this in MASM32 and have used biglib for big numbers.



A Simple API Monitor

This is a simple WinDbg script to monitor common Win32 API calls and display the strings, IPs, ports and registry keys passed to those APIs. The Win32 API is huge, so I have only covered the APIs commonly used by programs and malware. I coded this for fun 🙂

Usage: ApiMon.wds run; g;

You can remove APIs as you wish to minimize the output, or you can add any API you desire. Each breakpoint simply re-invokes the script with the API name and the index of the argument to dump, following this pattern:

bp DLLName!APIName @"$$>a<${$arg0} APIName FileNamePtr";

For example, lpFileName is the first parameter of CreateFileA, so the argument index is 1:

bp kernelbase!CreateFileA @"$$>a<${$arg0} CreateFileA 1";
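To make the mechanism concrete, here is a minimal script written in the same style as an added example; it is not the original ApiMon.wds, and the file name apimon-mini.wds, the API list and the extra a/u argument (ANSI or UTF-16 string) are my own choices. It assumes a 32-bit target, where on function entry the N-th stdcall argument sits at esp+4*N; on x64 the first four arguments arrive in rcx, rdx, r8 and r9 instead.

```windbg
$$ apimon-mini.wds  (added example, not the original ApiMon.wds)
$$ Start with the argument "run" and then g, e.g.  $$>a<apimon-mini.wds run
$$ The "run" pass installs breakpoints. Each breakpoint command re-invokes
$$ this same file as  <script> <ApiName> <ArgIndex> <a|u>  so one file both
$$ sets the hooks and formats every hit.
$$ Assumption: 32-bit (x86) target, stdcall argument N is at esp+4*N on entry.
.if ($scmp("${$arg1}", "run") == 0) {
    $$ <DLL>!<API>   "<script> <API> <index of string-pointer argument> <a=ANSI|u=UTF-16>"
    bp kernelbase!CreateFileA  @"$$>a<${$arg0} CreateFileA 1 a";
    bp kernelbase!CreateFileW  @"$$>a<${$arg0} CreateFileW 1 u";
    bp kernelbase!LoadLibraryA @"$$>a<${$arg0} LoadLibraryA 1 a";
    bp advapi32!RegOpenKeyExA  @"$$>a<${$arg0} RegOpenKeyExA 2 a";
    bp advapi32!RegOpenKeyExW  @"$$>a<${$arg0} RegOpenKeyExW 2 u";
    bp ws2_32!gethostbyname    @"$$>a<${$arg0} gethostbyname 1 a";
    .echo apimon-mini breakpoints installed
} .else {
    $$ Breakpoint hit. $arg1 = API name, $arg2 = argument index, $arg3 = a or u.
    $$ Aliases are text-substituted before parsing, so they may sit inside the
    $$ format string and inside the poi() expression.
    .if ($scmp("${$arg3}", "u") == 0) {
        .printf "[${$arg1}] %mu\n", poi(@esp + 4*${$arg2})
    } .else {
        .printf "[${$arg1}] %ma\n", poi(@esp + 4*${$arg2})
    }
    $$ Resume the target. Remove this line to stay broken in on each call.
    g
}
```

Keep the comments free of semicolons: WinDbg treats a semicolon as the end of a `$$` comment, and `$$>a<` condenses the file into one line, so a stray `;` inside a comment would be executed as a command. The a/u flag matters because `%ma` reads an ANSI string and `%mu` a UTF-16 string at the given address; picking the wrong one prints garbage for the W variants.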

This is sample output from a program that calls the CreateProcess API.

This is from running netcat.


Magic Folder Hide

This is an application which I coded last year but forgot to write a blog post about. Using this tool you can create a folder named ‘..’ in Windows and store your data inside it. No one can open your files from Explorer, because ‘..’ is not a valid path component (Windows resolves it to the parent directory), so they can only see the name 🙂

This trick can be used in pentesting and is widely used by malware to hide other malicious files. Bear in mind that the folder is only hidden from Explorer and ordinary path handling: the data is still on disk and remains visible to tools that read the file system directly. I coded this tool just for fun 😀