Birch-san

## update_ungoogled_chromium_extensions.sh
#!/usr/bin/env bash

# dependencies:
# https://www.npmjs.com/package/chrome-web-store-item-property-cli
# https://stedolan.github.io/jq/
# curl

# Ascertain directory in which script lives; compatible with all UNIX
# Thanks to kenorb
# http://stackoverflow.com/a/17744637/5257399

## make_portable.sh
#!/usr/bin/env bash

# Licensed by author Alex Birch under CC BY-SA 4.0
# https://creativecommons.org/licenses/by-sa/4.0/

# Example input:
# ./make_portable.sh mycoolbinary
# where mycoolbinary is a mach-o object file
# (for example an executable binary or a .dylib)
#

## http-parse-bespoke.py
#!/usr/bin/python
#
#Bertrone Matteo - Polytechnic of Turin
#November 2015
#
#Additions made by Alex Birch, July 2018
#to correlate HTTP reply back to HTTP request, and accumulate & print statistics
#
#eBPF application that parses HTTP packets
#and extracts (and prints on screen) the URL contained in the GET/POST request.

## http-parse-seq.py
#!/usr/bin/python
#
# Forked from https://github.com/iovisor/bcc/blob/master/examples/networking/http_filter/http-parse-complete.py
# I've removed almost all functionality. It now simply prints the sequence number of every packet submitted, and does not perform any cleanup.
# =====
#Bertrone Matteo - Polytechnic of Turin
#November 2015
#
#eBPF application that parses HTTP packets
#and extracts (and prints on screen) the URL contained in the GET/POST request.

## http-minimal.py
#!/usr/bin/python

# invoke with:
# sudo ./http-minimal.py -i docker0

from bcc import BPF
from sys import argv

import socket
import os

## sshfs_mount.sh
#!/bin/sh

# mounts a host named 'mycoolhost' (as described in SSH config):
# ./sshfs_mount.sh
# unmount:
# ./sshfs_mount.sh 0

REMOTE_HOST='mycoolhost'
REMOTE_DIR='/home/mycooluser'
VOLNAME="$REMOTE_HOST"

## hex_printf.cpp
#include <stdio.h>
#include <inttypes.h>
int main(int argc, char** argv) {
  uint64_t val = (1ULL<<29) -1ULL;
  printf("0x%" PRIx64 "\n", val);
  return 0;
}

## pwnedpass.sh
#!/usr/bin/env bash

# Licensed by author Alex Birch under CC BY-SA 4.0
# https://creativecommons.org/licenses/by-sa/4.0/

# detects whether any of your passwords have been exposed in a data breach, by
# submitting (prefixes of hashes of) all your passwords to Troy Hunt's
# Pwned Passwords API.
# https://haveibeenpwned.com/Passwords

## pluck.js
function Pluck( ctx ) {
  this.sr = ctx.sampleRate;
  this.pro = ctx.createScriptProcessor( 512, 0, 1 );
  this.pro.connect( ctx.destination );
}

Pluck.prototype.play = function( freq ) {
  var N = Math.round( this.sr / freq ),
    impulse = this.sr / 1000,
    y = new Float32Array( N ),

## -dd
sudo ./src/bpftrace -v -e 'struct F {char s[5];} u:./tests/testprogs/string_args:print { $a = ((struct F*)arg0)->s; }' -c ./tests/testprogs/string_args

0: (bf) r6 = r1
1: (79) r3 = *(u64 *)(r6 +112)
2: (bf) r1 = r10
3: (07) r1 += -29
4: (b7) r2 = 5
5: (85) call bpf_probe_read#4
last_idx 5 first_idx 0
regs=4 stack=0 before 4: (b7) r2 = 5
	#!/usr/bin/env bash

	# dependencies:
	# https://www.npmjs.com/package/chrome-web-store-item-property-cli
	# https://stedolan.github.io/jq/
	# curl

	# Ascertain directory in which script lives; compatible with all UNIX
	# Thanks to kenorb
	# http://stackoverflow.com/a/17744637/5257399
	#!/usr/bin/env bash

	# Licensed by author Alex Birch under CC BY-SA 4.0
	# https://creativecommons.org/licenses/by-sa/4.0/

	# Example input:
	# ./make_portable.sh mycoolbinary
	# where mycoolbinary is a mach-o object file
	# (for example an executable binary or a .dylib)
	#
	#!/usr/bin/python
	#
	#Bertrone Matteo - Polytechnic of Turin
	#November 2015
	#
	#Additions made by Alex Birch, July 2018
	#to correlate HTTP reply back to HTTP request, and accumulate & print statistics
	#
	#eBPF application that parses HTTP packets
	#and extracts (and prints on screen) the URL contained in the GET/POST request.
	#!/usr/bin/python
	#
	# Forked from https://github.com/iovisor/bcc/blob/master/examples/networking/http_filter/http-parse-complete.py
	# I've removed almost all functionality. It now simply prints the sequence number of every packet submitted, and does not perform any cleanup.
	# =====
	#Bertrone Matteo - Polytechnic of Turin
	#November 2015
	#
	#eBPF application that parses HTTP packets
	#and extracts (and prints on screen) the URL contained in the GET/POST request.
	#!/usr/bin/python

	# invoke with:
	# sudo ./http-minimal.py -i docker0

	from bcc import BPF
	from sys import argv

	import socket
	import os
	#!/bin/sh

	# mounts a host named 'mycoolhost' (as described in SSH config):
	# ./sshfs_mount.sh
	# unmount:
	# ./sshfs_mount.sh 0

	REMOTE_HOST='mycoolhost'
	REMOTE_DIR='/home/mycooluser'
	VOLNAME="$REMOTE_HOST"
	#include <stdio.h>
	#include <inttypes.h>
	int main(int argc, char** argv) {
	uint64_t val = (1ULL<<29) -1ULL;
	printf("0x%" PRIx64 "\n", val);
	return 0;
	}
	function Pluck( ctx ) {
	this.sr = ctx.sampleRate;
	this.pro = ctx.createScriptProcessor( 512, 0, 1 );
	this.pro.connect( ctx.destination );
	}

	Pluck.prototype.play = function( freq ) {
	var N = Math.round( this.sr / freq ),
	impulse = this.sr / 1000,
	y = new Float32Array( N ),
	sudo ./src/bpftrace -v -e 'struct F {char s[5];} u:./tests/testprogs/string_args:print { $a = ((struct F*)arg0)->s; }' -c ./tests/testprogs/string_args

	0: (bf) r6 = r1
	1: (79) r3 = (u64 )(r6 +112)
	2: (bf) r1 = r10
	3: (07) r1 += -29
	4: (b7) r2 = 5
	5: (85) call bpf_probe_read#4
	last_idx 5 first_idx 0
	regs=4 stack=0 before 4: (b7) r2 = 5