Skip to content

Instantly share code, notes, and snippets.


Blake Burkhart bburky

View GitHub Profile
bburky / ssd1306_nametag.ino
Created Aug 11, 2022
"Hello my name is ..." esp8266 (ESP-01) nametag on 128x64 monochrome 0.96" SSD1306 OLED
View ssd1306_nametag.ino
#include <SPI.h>
#include <Wire.h>
#include <Adafruit_GFX.h>
#include <Adafruit_SSD1306.h>
#define SCREEN_WIDTH 128 // OLED display width, in pixels
#define SCREEN_HEIGHT 64 // OLED display height, in pixels
// Declaration for an SSD1306 display connected to I2C (SDA, SCL pins)
bburky / default.yaml
Last active Oct 7, 2021
FIPS enabled Fedora 34 Lima VM configuration
View default.yaml
# FIPS enabled Fedora 34 Lima VM configuration
# Based based on
# Create the VM and restart the VM after initial creation to finish FIPS mode setup:
# limactl start --tty=false default.yaml && limactl stop default && limactl start default
# Test FIPS:
# lima fips-mode-setup --check
# Use it:
# lima nerdctl run --rm -it busybox
bburky / script.js
Created Sep 28, 2021
Open Google Apps scripts in new tab on middle click greasemonkey script
View script.js
// ==UserScript==
// @name Open Google Apps scripts in new tab on middle click
// @namespace
// @match*
// @grant none
// @version 1.0
// @author -
// @description Note: broken on non-apps script links (docs scripts, etc). Only works with middle click (not cmd-click).
// @inject-into content
// ==/UserScript==
bburky / GameOverlayRenderer.js
Created Aug 16, 2021
Inject Steam GameOverlayRenderer DLL into a game with Frida
View GameOverlayRenderer.js
// Inject Steam GameOverlayRenderer DLL into a game
// Inspired by
// Must be run during process initialization, cannot be run after the game is
// started.
// GameOverlayRenderer will use an appid from the SteamGameId environment
// variable. This is injected too. GameOverlayRenderer does not support
// steam_appid.txt, but this script will parse the file to discover the appid.
bburky /
Last active Aug 2, 2022
SECCOMP_RET_USER_NOTIF based Frida syscall tracer

Proof of concept SECCOMP_RET_USER_NOTIF based Frida syscall tracer

A hacked up version of running inside Frida.

installFilter() should be called on the main thread of the application. It's not possible to install the seccomp filter from rpc.exports.init() because it runs on a Frida thread.

installFilter() sets NO_NEW_PRIVS (required if non-root), installs the seccomp filter to trigger notifications, then creates a pthread to watch for notifications. Upon notifications a callback into Frida is invoked.

When the callback fires, it won't be on the thread that invoked the syscall. I'm not actually sure how to use Frida interact with the suspended thread. Don't know how to get a backtrace on it or execute code on it. Might be possible to set a temporary interceptor on it's EIP.

bburky /
Last active May 6, 2022
Offline Kubernetes manifest diff (does not use cluster state)
#!/usr/bin/env python3
# Offline `kubectl diff` style tool (does not use cluster state). Diff two
# local files containing templated manifests (e.g. kustomize or helm output).
# Resources in each file are matched by api, kind, namespace and name. This is
# also shown in the filename fields of the diff output.
# Usage:
# old-manifests.yaml new-manifests.yaml
# kustomize build . | /tmp/old-manifests.yaml -
bburky /
Last active May 17, 2021
EPUB full text search using SQLite FTS5
# Update index:
# FTS5 query (avoid single quotes, there's no escaping):
# foo OR bar NOT baz
# '"foo bar"'
# 'NEAR(foo bar)'
bburky /
Last active Feb 15, 2021
avr-gdb python script to get flag from a debug build of
import gdb
import sys
# Uses avr-gdb's built-in `target sim` simulator
# Requires avr-gdb to be built with Python support
# Run `source` inside GDB to run
# firmware.elf must be built with debug symbols (a .hex file could be used if you memory addresses were manually specified)
def onI2CReceive():



If this is run from an Argo CD app of apps ARGOCD_APP_SOURCE_TARGET_REVISION should be automatically populated.

bburky /
Created Sep 23, 2020
Delete any orphaned CNS volumes found in vCenter without a corresponding Kubernetes PV
# Delete any orphaned CNS volumes found in vCenter without a corresponding Kubernetes PV.
# Usage:
# ./
# KUBECONFIG=whatever.kubeconfig FORCE=true ./
set -euo pipefail
delete_volume() {