Jump to content
View in the app

A better way to browse. Learn more.

Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Leaderboard

Popular Content

Showing content with the highest reputation since 08/16/2025 in Posts

  1. Washi
    6 points
    It's that time of the year again. It seems we're starting September 26 8PM EST again with a return to Web3 and YARA as well. Four weeks instead of six this year... I wonder what the reason for this is. 🤔 https://flare-on.com/
  2. boot
    Hi @LCF-AT , DriverMonitor is an old tool that has been released for over 20 years. I am accustomed to using this app to load some Windows drivers. For learning and testing purposes, I used some leaked certificates to sign this driver. Now I will upload the signed driver here. I have set up a callback function (ProcessNotifyExRoutine_call_back) in the driver to filter specific process names in order to prevent their loading. Therefore, before uninstalling the driver, the target process cannot be started. This simple APP can kill some driver-protected antivirus software or system-level processes. For example, antivirus software such as Kaspersky and Symantec. If you terminate the system processes (e.g. winlogon.exe and dwm.exe), it will result in a BSOD. bin_v0.002.zip(Requires: 64-bit OS & >= Windows 7) DriverMonitor_EN.rar Video_2025-09-14_161309.mp4 (4.69 MB)
  3. jackyjask
    damn it! this is GENIOUS! (instead of WinAPI old dirty crap!!!) easy! just read the docs :) built a binary using that multi-precision lib: (left vs last build fom @Stuttered ) FileSizeCALC_0.0.11.zip
  4. Teddy Rogers
    Those with keen eyes may have already noticed there has been a change to the board, it has now been updated to Invision Community 5. If you see an issue somewhere please let me know and I'll have a look at fixing it up... Ted.
  5. Teddy Rogers
    Click on your username at the top of the board and select, "Mark all content as read". It is now as wide as the default theme allows. Is this better? Ted.
  6. hydradragonantivirus
    You can look for HydraDragonAntivirus/AutoNuitkaDecompiler: Get malware payload without dynamic analysis with this auto decompiler or my main project. I did with that. If you want dynamic analysis then Is Nuitka No Longer Secure? A Reverse Engineering Tool for Nuitka/Cython-Packed Applications — pymodhook | by qfcy | Medium (There more advanced special python code for pymodhook but it's closed source for vxnet and not made by me so I can't make it public) If you want both dynamic and static: Siradankullanici/nuitka-helper: Symbol Recovery Tool for Nuitka Binaries I did extract with stage1.py or nuitka-extractor extremecoders-re/nuitka-extractor: Tool to extract nuitka compiled executables (or just do dynamic analysis for extract and sometimes it can't extract or Nuitka compiles executable as dll so you need dll loader It seems like it becoming obsolete · Issue #15 · extremecoders-re/nuitka-extractor) my main project not stable but if he is become stable then he can detect is he nuitka and do auto extract with auto decompile and you get source code. Nuitka is actually hiding data in resources section in specia bytecode format. Actual source code starts from (u)python.exe or /python.exe (generally in broken executables) then you need look for <modulecode part for import recovery and Nuitka compiles with everything for obfuscation. So too many comment lines from file exists. You can detect junks by that line contains no u word. Which means this line is junk because u means go to next line in Nuitka bytecode. Nuitka is not obfuscated if he doesn't compile with everything otherwise it's obfuscated. You can improve my script by looking Nuitka bytecode source code. You can post to ay AI to recover code but Gemini is currently best for very long codes. Compared to other obfuscators you need pyarmor with Nuitka to make him more secure (or guardshield with pip install guardshield), otherwise it's easy task if there no too many imports. Rarely user disables compile everything even if the docs then your task much easier but in default Nuitka compiles everything. Nuitka clearly worser than Rust for some reason. 1) Antiviruses flags as malware because malware analysts can't understand Nuitka (even if they are too experinced they really don't know how to solve Nuitka) so you get false positives. 2) It's not good obfuscator and it's not creating millions of line hello world code via normal cython. I don't recommend python to use for avoid reverse engineering but you can still use it. If you want I can give all details which I know with tutorial or I can release my main project for auto Nuitka decomplication. My last words are don't use pyoxidizer, pyinstaller, cx_freeze if you want obfuscate your code because Nuitka is still best open source option for python. Nuitka can't remove python.h so the code must be pseudo python (Cython like style)
  7. Stuttered
    Seems like we have a winner! 👍
  8. Stuttered
    Update v0.0.10. Thx @jackyjask for pointing to the BigNumber library and assist. See attached. FileSizeCALC_v0.0.10.rar
  9. hydradragonantivirus
    Nuitka can be easily unpacked and reversed. It doesn't obfuscate your code well. I'm suprised nobody solved this very easily. Also your executable is broken. Here is the full source code: def check_password(): """Check password function""" user_password = input("Enter the password: ") specific_password = "secret110" if user_password specific_password: print("Good boy!") else: print("Bad boy!") if name "__main__": check_password()
  10. .hloire
    3 points
    0826.mp4https://www.youtube.com/watch?v=D1uc1u2d3Dw&t=161s
  11. Teddy Rogers
    Some screenshots... Ted.
  12. Teddy Rogers
    @Stuttered the formatting using Code Blocks seems to be working okay here... using System; using System.IO; using System.Windows.Forms; namespace FileSizeCalculator { public partial class Form1 : Form { private TextBox outputTextBox; public Form1(string filePath = null) { // Set form properties this.Text = "File Size Calculator"; this.Size = new System.Drawing.Size(400, 350); this.AllowDrop = true; this.DragEnter += Form1_DragEnter; this.DragDrop += Form1_DragDrop; // Create a label for instructions Label instructionLabel = new Label { Text = "Drag and drop a PE file here or onto the desktop icon.", AutoSize = true, Location = new System.Drawing.Point(10, 10) }; this.Controls.Add(instructionLabel); // Create a multiline TextBox for output outputTextBox = new TextBox { Multiline = true, ReadOnly = true, ScrollBars = ScrollBars.Vertical, Location = new System.Drawing.Point(10, 40), Size = new System.Drawing.Size(360, 250) }; this.Controls.Add(outputTextBox); // Process file if provided via command-line (desktop icon drop) if (!string.IsNullOrEmpty(filePath)) { ProcessFile(filePath); } } private void Form1_DragEnter(object sender, DragEventArgs e) { if (e.Data.GetDataPresent(DataFormats.FileDrop)) { e.Effect = DragDropEffects.Copy; } } private void Form1_DragDrop(object sender, DragEventArgs e) { string[] files = (string[])e.Data.GetData(DataFormats.FileDrop); if (files.Length > 0) { ProcessFile(files[0]); } } private void ProcessFile(string path) { outputTextBox.Text = string.Empty; if (!File.Exists(path)) { outputTextBox.Text = "File not found."; return; } // Check if it's a PE file (starts with 'MZ') bool isPE = false; try { using (FileStream fs = new FileStream(path, FileMode.Open, FileAccess.Read)) { byte[] header = new byte[2]; if (fs.Read(header, 0, 2) == 2 && header[0] == 77 && header[1] == 90) // 'M' and 'Z' { isPE = true; } } } catch (Exception ex) { outputTextBox.Text = $"Error reading file: {ex.Message}"; return; } if (!isPE) { outputTextBox.Text = "The dropped file is not a valid PE (Portable Executable) file."; return; } FileInfo fi = new FileInfo(path); long sizeInBytes = fi.Length; // Units and descriptions (binary prefixes: 1024-based) var units = new[] { new { Name = "Bytes (B)", Description = "1 Byte = 8 bits", Divisor = 1.0 }, new { Name = "Kilobytes (KB)", Description = "1 KB = 1024 Bytes", Divisor = Math.Pow(1024, 1) }, new { Name = "Megabytes (MB)", Description = "1 MB = 1024 KB = 1,048,576 Bytes", Divisor = Math.Pow(1024, 2) }, new { Name = "Gigabytes (GB)", Description = "1 GB = 1024 MB = 1,073,741,824 Bytes", Divisor = Math.Pow(1024, 3) }, new { Name = "Terabytes (TB)", Description = "1 TB = 1024 GB = 1,099,511,627,776 Bytes", Divisor = Math.Pow(1024, 4) }, new { Name = "Petabytes (PB)", Description = "1 PB = 1024 TB = 1,125,899,906,842,624 Bytes", Divisor = Math.Pow(1024, 5) } }; string output = $"File: {Path.GetFileName(path)}\r\n\r\nFile Size Breakdown:\r\n"; foreach (var unit in units) { double sizeInUnit = sizeInBytes / unit.Divisor; output += $"{unit.Name}: {sizeInUnit:F2} ({unit.Description})\r\n"; } outputTextBox.Text = output; } } static class Program { [STAThread] static void Main(string[] args) { Application.EnableVisualStyles(); Application.SetCompatibleTextRenderingDefault(false); string filePath = args.Length > 0 ? args[0] : null; Application.Run(new Form1(filePath)); } } }Ted.
  13. h4sh3m
    Hi again, fixed negative numbers bug (or I think that it is fixed 😅) fixed thousand delimiter bug (I hope its work in your system 🤞) added support directories 🤓 source included as before 👇 ShowFileSize__3.rar
  14. CreateAndInject
    Why? I don't depend on anyone.
  15. CreateAndInject
    Completely unpacked. unpacked.exe
  16. boot
    Below are some core code snippets. // process monitoring callback function // disable the creation of specified processes VOID ProcessNotifyExRoutine_call_back( PEPROCESS pEProcess, HANDLE hProcessId, PPS_CREATE_NOTIFY_INFO CreateInfo) { if (NULL == CreateInfo) { return; } PCHAR pszImageFileName = PsGetProcessImageFileName(pEProcess); if (0 == _stricmp(pszImageFileName, "avpui.exe")) // target process name { CreateInfo->CreationStatus = STATUS_ACCESS_DISABLED_NO_SAFER_UI_BY_POLICY; } }NTSTATUS ZwKillProcess(HANDLE pid)//Kill the process { HANDLE hProcess = NULL; CLIENT_ID ClientId; OBJECT_ATTRIBUTES oa; NTSTATUS status; ClientId.UniqueProcess = pid; ClientId.UniqueThread = 0; oa.Length = sizeof(oa); oa.RootDirectory = 0; oa.ObjectName = 0; oa.Attributes = 0; oa.SecurityDescriptor = 0; oa.SecurityQualityOfService = 0; status = ZwOpenProcess(&hProcess, 1, &oa, &ClientId); if (NT_SUCCESS(status)) { ZwTerminateProcess(hProcess, 0); ZwClose(hProcess); return status; }; return FALSE; }bin.zip e.g. video_2025-09-13_120702.mp4
  17. jackyjask
    @Teddy Rogers hi! there are fresh issues/complains on forum upgrade over here -> https://forum.tuts4you.com/topic/45674-do-you-know-any-file-size-info-calculation-tools/#comment-226676
  18. jackyjask
    2 points
    just DO it :) © any action
  19. root
    The tool was designed for obfuscated code, not for handling standard code with external calls (iat, etc.). So, when splitting blocks, an address will likely be invalid. There's nothing stopping you from implementing and adding new features to the code. procedure TCFG_Analysis.SplitBlock( split_addr: UInt64); (* Split basic block @ split_addr and create a new basic_blocks[] entry. *) var bb_head,orig_head : UInt64; instr : TCfGIns; tmpIns : TIns; begin OutDbg( Format('>Function:SplitBlock - Entry splitting @ [%08x] ',[split_addr])); if Fbasic_blocks.ContainsKey(split_addr) then Exit; bb_head := split_addr; orig_head := DFSBBSearchHead(split_addr); if orig_head = 0 then begin OutDbg(Format('>Function:SplitBlock - Failed @ [%08x]: orig_head=None ',[split_addr])); // raise Exception.Create('SplitBlock: orig_head not found'); end; OutDbg(Format('>Function:SplitBlock - Got orig_head [%08x] ',[orig_head])); // Create new BBlock Fbasic_blocks.Add(bb_head,[]) ; if Length(Fbasic_blocks[orig_head]) > 0 then begin tmpIns:= Fbasic_blocks[orig_head]; instr := tmpIns[ High(Fbasic_blocks[orig_head]) ]; SetLength(tmpIns, Length(Fbasic_blocks[orig_head])-1); Fbasic_blocks[orig_head] := tmpIns; end else Exit; while True do begin tmpIns:= Fbasic_blocks[orig_head]; Insert(instr,tmpIns,0 ); Fbasic_blocks[orig_head] := tmpIns; if instr.OriginEA = bb_head then break ; tmpIns:= Fbasic_blocks[orig_head]; instr := tmpIns[ High(Fbasic_blocks[orig_head]) ]; SetLength(tmpIns, Length(Fbasic_blocks[orig_head])-1); Fbasic_blocks[orig_head] := tmpIns; end; OutDbg(Format('>>Function:SplitBlock - Split @ [%08x]; original @ [%08x]',[split_addr,orig_head])); end;
  20. Stuttered
    Only because this is how the online app does it, I guess? this — PostimagesApp still needs some clean up, and the stretchable is fine. The internal VER I don't care about atm. Nice! I'll take a look at the changes.
  21. jackyjask
    mitigated big numbers/overflows FileSizeCALC-0.0.8custom.zip
  22. Stuttered
    Hmmm... Not sure I can do that, but I'll take a look. Here is v0.0.7. FileSizeCALC_x86_v0.0.7.rar
  23. h4sh3m
    Hi, Added some lazy codes Fixed some bugs (and added new ones 😅) . ShowFileSize__4.rar
  24. Stuttered
    Okay, here is a TEST version. I had to change the code to handle Big Number calculations, which sucked. See attached (if I can get this to work, I'll look at other requests by LFC-AT). FileSizeCALC_TST.rar
  25. Stuttered
    You are welcome. It was a good exercise! v0.0.3 is attached with SRC (minor bug fix). FileSizeCalc_v0.0.3.rar
  26. LCF-AT
    @Stuttered Thank you for the new tool version. Now it looks better and I can use the comma to enter more precise values.Drag & Drop works too but only for single files. All in all you both made a nice tool so far I can use offline. 🙂 I'm really not into Math at all and never was! 🙃 greetz
  27. jackyjask
  28. Stuttered
    Latest attempt to get as close to the web site as possible. See attached PE and SRC. pic — Postimagespic2 — PostimagesFileSizeCalc.rar
  29. LCF-AT
    Hi guys, thanks for feedback so far. @h4sh3m Thanks for version 2 but its still buggy. If I enter 2 & GB I get this results... Bit: 17179869184 Byte: 2147483648 KB: 2.097.152,000000000000000 MB: 2.048,000000000000000 GB: 2,000000000000000 TB: 0,001953125000000 PB: 0,000001907348633 ...and if I copy & paste the GB results or just enter 2,0 I get this... Bit: 171798691840 Byte: 21474836480 KB: 20.971.520,000000000000000 MB: 20.480,000000000000000 GB: 20,000000000000000 TB: 0,019531250000000 PB: 0,000019073486328 ...whats not so correct. 🙂 @Stuttered Yes similar like or the website like I did post. In your image the results looking very unclean to have a good overview. Even I need to have some manually entering option. So normally there are apps for everything so why the heck I don't find any tool for this calc stuff? One more question, so I always find sometimes those online tools to convert stuff or whatever etc, some nice handy tools but just online only. Is it possible to save that webpage and make some kind of standalone quick loading app etc? PS: Why are the code in code tags (inline?) looks so strange now / too much space between the lines? I also don't see any preview button anymore on that new style! greetz
  30. jackyjask
    what's the problem using code sections? eg using System; using System.IO; using System.Windows.Forms; namespace FileSizeCalculator { public partial class Form1 : Form { private TextBox outputTextBox; .... But generally I agree - in the past there were more options to insert source code.... @Teddy Rogers it is a limitation of new upgraded forum board? hmmm why do you need to do that check? the orignal idea was to measure any file in size...
  31. NOP
  32. jackyjask
    1st bug report: (ver 2) one more (feature req or bug?) when drag-n-drop a Folder the app accepts it, but does nothing... possible to calc folder as well?
  33. h4sh3m
    Hi, Added multi file support and replaced float input with integer :) source included as before. ShowFileSize__2.rar
  34. LCF-AT
    Hey @h4sh3m, thank you for doing this. The tool looks nice and handy so far for a quick offline use. :) 🙂 Only issue I see it that comma or dot is not allowed to use to enter manually "Error occured in getting number !". Do you think you could add this little extra feature too in next version? I would like to copy any of those results I get and paste it into edit control and calc with just for checking etc. But for the moment the tool is nice so far. Just does bother me to get online every time I need to calc something. Thank you. PS: Drag & Drop works also nice. Could you make it doable for multiple files too to add the sizes into result box? Just if possible. greetz
  35. h4sh3m
    Hi, Your referred online tool is not perfect (2^10 != 1000) :| Made a simple tool for you (source in delphi/pascal included). ShowFileSize.rar
  36. BfoX
    toro sentinel logger work over sentinel driver (support LPT/USB) can show the screen shoot for us? also can try pva-based dumper with some mod try to use old sspro driver v5.39
  37. Kamleshkc
    Old version vmp unpack tools pls share version is v.1, v.2 any idea
  38. jackyjask
    does it have an option to become flexible? (eg depends on current browser width?) or thats too much as for 2025 the age of AI and robots :) if you click the bell (top right corner) magic gonna happen :)
  39. dak
    Hello everyone, I am looking for help or advice regarding backup/emulation of a Sentinel SuperPro LPT dongle that protects my industrial software (PPI). My setup is quite old, but the software is still in daily use for important production tasks. My configuration: Software: PPI (industrial/printing workflow, works with .ppf files) Dongle: Sentinel SuperPro, 25-pin LPT (parallel port), not USB OS: Windows XP (I also have a backup XP system with native LPT1) Dongle drivers: Sentinel Protection Installer 7.5.0 What I've tried so far: sprodump.exe – dump stops at ~60%, produces a small, incomplete .dmp file pva-dmp.exe / other classic LPT dumpers – same result, incomplete or error Tried using giveio.sys and other port access tools – no difference Tried using Toro Dongle Monitor, but it does not support Sentinel LPT Tried Portmon (Sysinternals) – I can see port activity but not actual challenge/response data Tried physical LPT passthrough in VMware Workstation (on a machine with native LPT) – program still requires the dongle to be present, and dump attempts also fail My goal: I would like to make a backup or create an emulator of my Sentinel SuperPro LPT dongle to secure my workflow in case of hardware failure. I am not looking to bypass licensing, just to protect my own investment for business continuity. My questions: Has anyone successfully dumped or emulated a Sentinel SuperPro LPT dongle in 2024? Are there any new tools, methods, or guides for dumping or logging challenge/response for this dongle type? Is there any specialist or service you can recommend who might help with this type of backup/emulation for industrial software? Any best practices for maintaining such legacy systems safely for the future? Any advice, tips, or shared experiences are highly appreciated! Thank you in advance for your support! (If needed, I can upload photos of the dongle, failed dump files, or screenshots.) Best regards, Dak
  40. BfoX
  41. whoknows
    @CreateAndInject thought that u missed a piece of the puzzle that @Fr0Mu offered you...
  42. Ben_Dover
  43. HostageOfCode
    You can try with older drivers. This dumpers are made for older drivers. Recommend you to install 7.41 drivers. First remove 7.5 one. Or try with newer drivers also 7.6 or 7.8.
  44. dak
    Hi, The hardware key is a Sentinel SuperPro from Rainbow SafeNet on LPT (25 pin) purchased in 2006, recommended Windows environment is XP professional service pack 1 (minimum), secured by Prinect Prepress Heidelberg interface.
  45. HostageOfCode
    Most likely your driver is the problem. What is the OS - DOS or Windows XP? The new dumpers are for XP most of them. You can try the old Safekey dumper. I have it somewhere but have to search for it.
  46. lovejoy226
    @everyone Can you please write step by step guide tutorials if you solve these kind of problems, so other people get helped by your efforts. No meaning jobs, just showing off. But this is not obligation. your choice for helping others learn. Regards. sean.
  47. whoknows
    @CreateAndInject great success, assuming without @Fr0Mu unpacked will be not possible before ah? thank you both for your time. @others - valid serial
  48. Fr0Mu
    Devirtualized except 0x06000128 cause of the homomorphic encryption. WindowsFormsApplication41-devirt.exe
  49. LCF-AT
    Hi, ok normaly you don't really need a tutorial for this but if you are a newbie then I could make a little exception in that case. - Video- Text Infos + details- Res Tool- Unpacked filesJust watch and read and try and if something is not clear then ask again.greetz Unpacking PESpin.v1.33 - No Specials.rar
  50. icky
    @LCF-AT and @Silence ... Unpacked work 100%... i hope u all can make tut to unpack this packer for newbie like me

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.