Vscode Mermaid

admin



Writing documentation is a task that no one really likes especially when diagrams and flowcharts are involved. And then there’s the problem of which tools to use. One crafty tool is Draw.io with web and desktop editors but what to use if you want to write documentation as a code and see the changes clearly in text format.

  • Mermaid.cli: Command line interface for mermaid - generation of diagram and flowchart from text in a similar. Vscode: Microsoft Visual Studio Code.
  • Stack Overflow The World’s Largest Online Community for Developers.
  • Mermaid is a simple markdown-like script language for generating charts from text via javascript. Online FlowChart & Diagrams Editor - Mermaid Live Editor Simplify documentation and avoid heavy tools.
  • Web Assembly and Go: A look to the future
  • Go 1.11: WebAssembly for the gophers
  • Using Interfaces and Dependency Injection to Future Proof Your Designs
  • Taking Go modules for a spin
  • How to build RPC server in golang
  • one-file-pdf - A minimalist PDF generator
  • Introduction to Go Modules
  • Tracking down a Golang memory leak with grmon
  • Using Go modules with vendor support on Travis CI
  • A quick one-liner to list all imports of your current project
    • go list -json . | jq .Imports,.TestImports | sort | uniq | tail -n +3
  • Go Compiler Internals
  • goebpf - Library to work with eBPF programs from Go
  • script - Making it easy to write shell-like scripts in Go
  • Tools for Exploring .NET Internals
  • Resources for Learning about .NET Internals
  • Introducing .NET Core 2.1 Flagship Types: Span T and Memory T
  • Detecting Malicious Use of .NET
  • Fuzzing the .NET JIT Compiler
Vscode Mermaid
  • Mallet, a framework for creating proxies
  • House: A Mobile Analysis Platform Built on Frida
  • Socks proxy server using powershell
  • BeRoot: Privilege Escalation Project - Windows / Linux / Mac
  • DbgShell: A PowerShell front-end for the Windows debugger engine
  • SleuthQL: - Burp History parsing tool to discover potential SQL injection points
  • ExchangeRelayX: An NTLM relay tool to the EWS endpoint for on-premise exchange servers
  • windows-acl: working with ACLs in Rust
  • Notable: Note taking app
  • TCPHound: Win32 utility for auditing TCP connections
  • PolarProxy is a transparent TLS proxy that creates PCAP files with the decrypted data.
  • InfinityHook: Hook system calls, context switches, page faults and more.
  • Fermion, an electron wrapper for Frida & Monaco.
  • pown-cdb: Automate common Chrome Debug Protocol tasks to help debug web applications from the command-line
  • VS Code x Frida
  • burptime:- Burp Show Response Time.
  • Static Program Analysis book (updated regularly)
  • AWS Privilege Escalation – Methods and Mitigation
  • Learning Bluetooth Hackery with BLE CTF
  • Giving Yourself a Window to Debug a Shared Library Before DT_INIT – with Frida, on Android
  • Getting started with Firmware Emulation for IoT Devices
  • Patching Binaries with Radare2 – ARM64
  • Independent Security Evaluators IoT Writeups
  • Let’s write Swift code to intercept SSL Pinning HTTPS Requests
  • Android CrackMes
  • Defeating an Android Packer with Frida
  • Frida-onload: Frida module to hook module initializations on Android
  • The Path to the Payload - Android Edition - Recon 2019
  • SafetyNet Killer - a Frida script to bypass SafetyNet attestation
  • Bypassing Certificate Pinning on iOS 12 with Frida
  • Breaking mobile userland w[0x42]alls - Giovanni - iGio90 - Rocca
  • Skiptracing: Reversing Spotify.app
  • Reverse Engineering the iClicker Base Station
  • Calling iOS Native Functions from Python Using Frida and RPC
  • Collections of 150 CTF Challenges (Vulnhub+HTB)
  • Google's Beginner CTF
  • Small CTF challenges running on Docker
  • CTF Series : Vulnerable Machines
  • Dockerscan: Docker Security Analysis Tools
  • Defcon DFIR CTF 2018
Vscode Mermaid
  • Recon-ng Tutorial
    1. Install and Setup: https://securenetworkmanagement.com/recon-ng-tutorial-part-1/
    2. Workspaces and Import: https://securenetworkmanagement.com/recon-ng-tutorial-part-2/
    3. Usage and Reporting: https://securenetworkmanagement.com/recon-ng-tutorial-part-3/
  • Command Injection/Shell Injection
  • Transferring Files from Linux to Windows (post-exploitation)
  • Building Autonomous AppSec Pipelines with the Robot Framework
  • David Weston - Zer0ing Trust - Do Zero Trust Approaches Deliver Real Security
  • OSCP Journey: Exam & Lab Prep Tips
  • How to write an Nmap script
  • Bloodhound Walkthrough. A Tool for Many Tradecrafts
  • Understanding UNC paths, SMB, and WebDAV
  • Video: nmap Service Detection Customization
  • Dealing with Hard Problems
  • Generation of diagram and flowchart from text in a similar manner as markdown
    • VS code preview: https://github.com/vstirbu/vscode-mermaid-preview
  • Zotero: An open-source tool to help collect, organize, cite, and share research
  • How to Learn Anything... Fast - Josh Kaufman
  • Intercepting and Emulating Linux System Calls with Ptrace
  • Sed - An Introduction and Tutorial
  • Compiling DLLs with MinGW on Kali
  • How hostname to IP address Conversion or Name Resolution works in Linux?
  • Lin.security – practice your Linux privilege escalation foo
  • Replace a string with a new one in all files using sed and xargs
  • Windows Privilege Escalation Methods for Pentesters
  • System call dispatching on Windows ARM64
  • Juicy Potato, Local Privilege Escalation tool from a Windows Service Accounts to SYSTEM
  • You can't contain me!: Analyzing and Exploiting an Elevation of Privilege Vulnerability in Docker for Windows
  • About WriteProcessMemory
  • Triaging a DLL planting vulnerability
  • Watch your Downloads: the risk of the 'auto-download' feature on Microsoft Edge and Google Chrome
  • Fix Windows 10 Privacy
  • The Art of Becoming TrustedInstaller - Task Scheduler Edition
  • Modern Windows Attacks and Defense Lab
  • Spying on HTTPS - How Antivirus apps monitor HTTPs
  • An In Depth Tutorial on Linux Development on Windows with WSL and Visual Studio Code
  • [How To] Identify File Types in Windows
  • CVE-2019–13142: Razer Surround Elevation of Privilege
  • Executing Code Using Microsoft Teams Updater
  • Windows API Hooking
  • How to Transfer and Share Files Between Windows and Linux
  • Deobfuscating Powershell Scripts
  • 'whoami /priv' - Hack in Paris 2019
  • Sysmon 10 - New features including DNS monitoring
  • Hunting COM Objects
    • Part 1: https://www.fireeye.com/blog/threat-research/2019/06/hunting-com-objects.html
    • Part 2: https://www.fireeye.com/blog/threat-research/2019/06/hunting-com-objects-part-two.html
  • Hello World - Compiling Executables for the Classic POSIX Subsystem on Windows
  • 1-click RCE with Skype Web Plugin and QT apps
  • Windows 10 - Task Scheduler service - Privilege Escalation/Persistence through DLL planting
  • Windows NamedPipes 101 + Privilege Escalation
  • DLL Import Redirection in Windows 10 1909
  • Debug C++ applications inside the Windows Subsystem for Linux using Visual Studio Code
  • CVE-2020-0668 - A Trivial Privilege Escalation Bug in Windows Service Tracing
  • Reverse Engineering for Beginners
  • How I Turn Frick into a Real Frida Based Debugger
  • Beginner Malware Reversing Challenges
  • x86 In-Depth 3: Identifying C-Style Structs
  • x86 In-Depth 4: Labeling Structs Properly in IDA Pro
  • Infected PDF: Extract the payload
  • Solving the Atredis BlackHat 2018 CTF Challenge
  • Tools for instrumenting Windows Defender's mpengine.dll
  • Fast Incident Response: Tracking app
  • Reflective DLL Injection
  • Becoming a 'Full-Stack Reverse Engineer' in three years
    • Slides: https://docs.google.com/presentation/d/1HLVUfbn9w7BXzYI437vF-yxEqujwLQp9brdIHhgTEv0/
    • Youtube: https://www.youtube.com/watch?v=9vKG8-TnawY
  • Reverse engineering the rendering of The Witcher 3
    • Witcher tricks slides: https://drive.google.com/drive/folders/1gmn5XSYDUsOPXXKQO73zCpGAHWAfnK1U
    • Tonemapping: https://astralcode.blogspot.com/2017/09/reverse-engineering-rendering-of.html
    • Eye adaptation: https://astralcode.blogspot.com/2017/10/reverse-engineering-rendering-of.html
    • Chromatic aberration: https://astralcode.blogspot.com/2017/10/reverse-engineering-rendering-of_26.html
    • Vignette: https://astralcode.blogspot.com/2018/02/reverse-engineering-rendering-of.html
    • Drunk effect: https://astralcode.blogspot.com/2018/08/reverse-engineering-rendering-of.html
  • Behind Enemy Lines- Reverse Engineering C++ in Modern Ages
  • COM Hijacking Techniques David Tulis - DerbyCon 2019
  • WinDbg commands flash cards
  • 'Modern Debugging with WinDbg Preview' DEFCON 27 workshop
    • WinDbg cheatsheet: https://github.com/hugsy/defcon_27_windbg_workshop/blob/master/windbg_cheatsheet.md
  • Analysing RPC With Ghidra and Neo4j
  • Trusted types & the end of DOM XSS - Krzysztof Kotowicz - LocoMocoSec 2019
  • Malware Unicorn RE workshops
  • Electronegativity - Electron security checks
  • Overcoming Fear: Reversing With Radare2 - Arnau Gamez Montolio
  • hm0x14 CTF: reversing a (not so simple) crackme
  • Ghidra Utilities for Analyzing PC Firmware
  • Implementing a New CPU Architecture for Ghidra
    • Slides: https://docs.google.com/presentation/d/1b955DV2ii-Dgv6YR4kUrJtjGugEqXD3FffTHRfvVSYo/edit
    • Code: https://github.com/guedou/ghidra-processor-mep
  • gdbghidra - a visual bridge between a GDB session and GHIDRA
  • python-decompile3: Python decompiler for 3.7+
  • Dragon Dance - Binary code coverage visualizer plugin for Ghidra
  • Course materials for Advanced Binary Deobfuscation by NTT Secure Platform Laboratories
  • Virtual Method Table for newbies
    • Part 1: https://littlemastermind.codes/2020/02/01/virtual-method-table-for-newbies/
    • Part 2: https://littlemastermind.codes/2020/02/01/virtual-method-table-for-newbies-2/
  • Using OOAnalyzer to Reverse Engineer Object Oriented Code with Ghidra
  • Extending LLVM for Code Obfuscation
    • Part 1: https://www.praetorian.com/blog/extending-llvm-for-code-obfuscation-part-1
    • Part 2: https://www.praetorian.com/blog/extending-llvm-for-code-obfuscation-part-2
  • CPython internals: A ten-hour codewalk through the Python interpreter source code
  • Pyshark - Python Wrapper For Tshark, Allowing Python Packet Parsing Using Wireshark Dissectors
  • FOIA-ed NSA Python Course
  • Practical JSONP Injection
  • WebAssembly: potentials and pitfalls
  • Analyzing WebAssembly Binaries
  • JWT Cheatsheet
  • LDAP Injection Cheatsheet
  • vuLnDAP: vulnerable LDAP based web app
  • How to Hack WebSockets and Socket.io
  • JSON Web Token Best Current Practices
  • The Illustrated TLS Connection
  • OAuth 2.0 Security Best Current Practice
  • Automating local DTD discovery for XXE exploitation
  • Jackson gadgets - Anatomy of a vulnerability - Java Deserialization
  • Knife: A Burp extension that add some useful function to Context Menu
  • Better API Penetration Testing with Postman
  • JavaScript Supply Chain Security - LocoMocoSec 2019
  • XXE: How to become a Jedi - Yaroslav Babin
  • Java Serialization: A Practical Exploitation Guide
  • XML External Entity(XXE)
  • Exploiting XXE with local DTD files
  • The parts of JWT security nobody talks about
  • Pro Tips: Testing Applications Using Burp, and More
  • Actual XSS in 2020
  • XXE & SQLi In PaperThin CommonSpot CMS
  • OpenID Connect & OAuth 2.0 Security Best Practices
  • Reverb: speculative debugging for web applications
  • Mainframe Hacking
  • Woot 2018: A Modern History of Offensive Security Research
  • Learning PowerShell
  • ShellCheck, a static analysis tool for shell scripts
  • CrystalBall, Data Gathering and Machine Learning System for SAT Solvers
    • Blog: https://www.msoos.org/2019/06/crystalball-sat-solving-data-gathering-and-machine-learning/
    • Code: https://github.com/msoos/cryptominisat/tree/crystalball
    • Paper: https://www.msoos.org/wordpress/wp-content/uploads/2019/06/sat19-skm.pdf
  • Beyond your studies: a presentation about job interviews by Ange Albertini
    • Youtube: https://www.youtube.com/watch?v=Prgv9pNvy24
    • Slides: https://speakerdeck.com/ange/beyond-your-studies
  • Wireshark Tutorial: Examining Qakbot Infections
  • Alfa AWUS036ACH Kali Configuration Guide
  • Resistance Isn't Futile: A Practical Approach to Threat Modeling
  • Return Oriented Programming Series
    • Introduction: https://tuonilabs.wordpress.com/2018/07/30/return-oriented-programming-series-introduction/
    • Setup: https://tuonilabs.wordpress.com/2018/07/30/rop-environment-setup/
    • Writeups: https://tuonilabs.wordpress.com/2018/07/31/rop-write-ups/
  • Exploiting TurboFan Through Bounds Check Elimination
  • HowTo: ExploitDev Fuzzing
  • Vulnerable C++ code for practice
  • Finding and exploiting CVE-2018–7445 (unauthenticated RCE in MikroTik’s RouterOS SMB)
  • Project Based Tutorials in C
  • Wireshark dissectors for Ethereum ÐEVp2p protocols
  • Using a Hardware Security Module with Hyperledger Fabric 1.2 SDK for Node.js
  • Fumblechain - A Purposefully Vulnerable Blockchain
  • A (relatively easy to understand) primer on elliptic curve cryptography
  • A Decade of Lattice Cryptography
  • Driving OWASP @zaproxy using Selenium
  • Unprivileged Docker Builds – A Proof of Concept
  • Understanding Docker container escapes
  • Docker for Pentesters
  • Fuzzing projects with american fuzzy lop (AFL)
  • AFL-unicorn: What is it and how to use it?
  • A Simple Tutorial of AFL-Fuzzer
  • FUZZING - AMERICAN FUZZY LOP, ADDRESS SANITIZER AND LIBFUZZER
  • Binary fuzzing strategies: what works, what doesn't by AFL creator
  • Google Fuzzing repository
  • Mindshare: Automated Bug Hunting by Modeling Vulnerable Code
  • Putting the Hype in the Hypervisor - Brandon Falk
  • Microsoft lain fuzzing framework (in Rust)
  • Grizzly: A cross-platform browser fuzzing framework
  • Fuzzing the Kernel Using AFL-Unicorn
  • Provoking Browser Quirks With Behavioural Fuzzing
See full list on marketplace.visualstudio.comVscode mermaid syntax
  • Simple C++ DLL Injecting Source Code Tutorial
  • How to Reverse Engineer Save Game Files - Titan Quest Cheats
  • Documentation Writing for System Administrators - 2003
    • My notes: https://parsiya.net/blog/2020-02-06-documentation-writing-for-system-administrators-notes/
  • Manual Work is a Bug
    • Reflections on 'Manual Work is a Bug': https://parsiya.net/blog/2018-10-03-reflections-on-manual-work-is-a-bug/
    • The Dark Side of 'Manual Work is a Bug': https://parsiya.net/blog/2019-04-17-the-dark-side-of-manual-work-is-a-bug/
  • Effective Engineer:
  • From Idiot to Imposter: how to get started in a new field

Visual Studio Code

Visual Studio Code Configuration

Vscode Mermaid Editor

Visual Studio Code Plugins

Generating Documentation As Code With Mermaid And PlantUML ...

awesome-vscode – a curated list of delightful VS Code packages and resources (GitHub).

  • C++ – C/C++ IntelliSense, debugging, and code browsing (Preview)
  • C# for Visual Studio Code (powered by OmniSharp)
  • CMake Tools – Extended CMake support in Visual Studio Code
  • Mermaid diagram previewer for Visual Studio Code.
  • NativeScript – The NativeScript extension aids your NativeScript project development within VSCode
  • vscode-icons – bring icons to your Visual Studio Code
  • GitLens — Git supercharged. GitLens supercharges the Git capabilities built into Visual Studio Code. It helps you to visualize code authorship at a glance via Git blame annotations and code lens, seamlessly navigate and explore Git repositories, gain valuable insights via powerful comparison commands, and so much more.
  • Inno Setup for Visual Studio Code
  • Lua for Visual Studio Code
  • Lua Debug Adapter for Visual Studio Code
  • Code Spell Checker
  • PowerShell Language Support for Visual Studio Code
  • Code Runner – Run code snippet or code file for multiple languages: C, C++, Java, JavaScript, PHP, Python, Perl, Perl 6, Ruby, Go, Lua, Groovy, PowerShell, BAT/CMD, BASH/SH, F# Script, F# (.NET Core), C# Script, C# (.NET Core), VBScript, TypeScript, CoffeeScript, Scala, Swift, Julia, Crystal, OCaml Script, R, AppleScript, Elixir, Visual Basic .NET, Clojure, Haxe, Objective-C, Rust, Racket, AutoHotkey, AutoIt, Kotlin, Dart, Free Pascal, Haskell, Nim, D, and custom command
  • EditorConfig for VS Code – this plugin attempts to override user/workspace settings with settings found in .editorconfig files. No additional or vscode-specific files are required. As with any EditorConfig plugin, if root=true is not specified, EditorConfig will continue to look for an .editorconfig file outside of the project.

Articles

Visual Studio Code Tips