Skip to content

Instantly share code, notes, and snippets.

smx-smx / XZ Backdoor Analysis
Last active June 2, 2024 07:22
[WIP] XZ Backdoor Analysis and symbol mapping
XZ Backdoor symbol deobfuscation. Updated as i make progress
q3k / hashes.txt
Last active May 16, 2024 16:49
liblzma backdoor strings extracted from 5.6.1 (from a built-in trie)
0810 b' from '
0678 b' ssh2'
00d8 b'%.48s:%.48s():%d (pid=%ld)\x00'
0708 b'%s'
0108 b'/usr/sbin/sshd\x00'
0870 b'Accepted password for '
01a0 b'Accepted publickey for '
0c40 b'BN_bin2bn\x00'
06d0 b'BN_bn2bin\x00'
0958 b'BN_dup\x00'
wiseman /
Last active June 27, 2024 14:32
Langchain example: self-debugging
from io import StringIO
import sys
from typing import Dict, Optional
from langchain.agents import load_tools
from langchain.agents import initialize_agent
from import Tool
from langchain.llms import OpenAI
Minimal character-level Vanilla RNN model. Written by Andrej Karpathy (@karpathy)
BSD License
import numpy as np
# data I/O
data = open('input.txt', 'r').read() # should be simple plain text file
chars = list(set(data))
data_size, vocab_size = len(data), len(chars)
pudquick /
Last active June 24, 2024 19:41
Lightly "sandboxed" homebrew on macOS

brew is a bad neighbor

This isn't a guide about locking down homebrew so that it can't touch the rest of your system security-wise.

This guide doesn't fix the inherent security issues of a package management system that will literally yell at you if you try to do something about "huh, maybe it's not great my executables are writeable by my account without requiring authorization first".

But it absolutely is a guide about shoving it into its own little corner so that you can take it or leave it as you see fit, instead of just letting the project do what it likes like completely taking over permissions and ownership of a directory that might be in use by other software on your Mac and stomping all over their contents.

By following this guide you will:

  • Never have to run sudo to forcefully change permissions of some directory to be owned by your account
input=(73 foobar)
for num in "${input[@]}"; do
(echo "${num//[^\-+0-9]/}" | grep -Eq $rg) \
&& echo "$num is a number" \
|| echo "$num is not a number";
(echo "${nnum//[^\-+0-9]/}" | grep -Eq $rg) \
johndturn /
Last active July 12, 2024 21:15
Overview of using launchd to set up services on a macOS machine.

launchd - Script Management in macOS

What is it?

  • Used on macOS for managing agents and daemons and can be used to run scripts at specified intervals
    • macOS's competitor to cron, along with other things
  • Runs Daemons and Agents

What is a Daemon?

cweave / create_sessions.scpt
Created March 24, 2022 03:53
Automating iTerm2 with Applescript
tell application "iTerm2"
# Open window in full screen
tell application "System Events"
keystroke "f" using {control down, command down}
end tell
set serverSession to current session of current window
tell serverSession
infused-kim /
Last active April 17, 2023 01:30
Exa LS_COLORS theme generator
#!/usr/bin/env python
# What is this:
# This script generates an LS_COLORS theme.
# By default it is using the same colors as the ls replacement exa. The
# purpose is to generate an LS_COLORS theme that is consistent with exa's
# colors so that it can be used by other tools like fzf.
sts10 / rust-command-line-utilities.markdown
Last active July 21, 2024 11:17
A curated list of command-line utilities written in Rust

A curated list of command-line utilities written in Rust

Note: I have moved this list to a proper repository. I'll leave this gist up, but it won't be updated. To submit an idea, open a PR on the repo.

Note that I have not tried all of these personally, and cannot and do not vouch for all of the tools listed here. In most cases, the descriptions here are copied directly from their code repos. Some may have been abandoned. Investigate before installing/using.

The ones I use regularly include: bat, dust, fd, fend, hyperfine, miniserve, ripgrep, just, cargo-audit and cargo-wipe.

  • atuin: "Magical shell history"
  • bandwhich: Terminal bandwidth utilization tool