Understand your Mac and iPhone more deeply by tracing the evolution of Mac OS X from prelease to Swift. John Siracusa delivers the details.
You've got two main options:
❂ duraki
duraki
/ gist:424af289d0121cc518b635429f094d3b
Created
July 31, 2023 21:32
— forked from zliuva/gist:1084476
A minimal Mach-o x64 executable for OS X
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ; A minimal Mach-o x64 executable for OS X (also see below Mountain Lion version) | |
| ; | |
| ; $ nasm -f bin -o tiny_hello tiny_hello.s | |
| ; $ chmod +x tiny_hello | |
| ; $ ./tiny_hello | |
| ; Hello World! | |
| ; $ | |
| ; c.f. | |
| ; http://osxbook.com/blog/2009/03/15/crafting-a-tiny-mach-o-executable/ ( the original tiny mach-o executable ) |
duraki
/ macOS Internals.md
Created
July 31, 2023 07:42
— forked from kconner/macOS Internals.md
macOS Internals
duraki
/ hide-all-app.scpt
Created
October 3, 2022 19:36
— forked from Teraflopst/hide-all-app.scpt
AppleScript: Hide all applications and show the desktop on Mac
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| tell application "Finder" | |
| set visible of every process whose visible is true and name is not "Finder" to false | |
| set the collapsed of windows to true | |
| end tell |
duraki
/ OS X Code Signing Pyinstaller.md
Created
October 3, 2022 09:36
— forked from txoof/OS X Code Signing Pyinstaller.md
- Create a developer account with Apple
- https://developer.apple.com and shell out $99 for a developer account
- Download and install X-Code from the Apple App Store
- Open and run X-Code app and install whatever extras it requires
- Open the preferences pane (cmd+,)
- click the
+in the lower right corner - choose
Apple ID - enter your apple ID and password
- click the
- Previously created keys can be downloaded and installed from https://developer.apple.com
duraki
/ shell_bind_tcp.asm
Created
December 9, 2017 18:54
— forked from geyslan/shell_bind_tcp.asm
Shell Bind TCP in Assembly (Linux/x86)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ; This is a snippet of the original file in https://github.com/geyslan/SLAE/blob/master/1st.assignment/shell_bind_tcp.asm | |
| global _start | |
| section .text | |
| _start: | |
| ; syscalls (/usr/include/asm/unistd_32.h) | |
| ; socketcall numbers (/usr/include/linux/net.h) |
duraki
/ breach_compilation_passlist-extraction.txt
Last active
May 7, 2022 12:49
1.4 billion password breach compilation wordlist
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # => create a wordlist from original 41G stash via: | |
| $ grep -rohP '(?<=:).*$' | uniq > breachcompilation.txt | |
| # => compressed with: | |
| $ 7z a breachcompilation.txt.7z breachcompilation.txt | |
| # => size (rel): | |
| ## 4.1G compressed | |
| ## 9.0G uncompressed |
duraki
/ add_debug_entitlement.sh
Created
October 11, 2021 20:29
— forked from talaviram/add_debug_entitlement.sh
Simple Utility Script for allowing debug of hardened macOS apps.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /bin/bash | |
| # Simple Utility Script for allowing debug of hardened macOS apps. | |
| # This is useful mostly for plug-in developer that would like keep developing without turning SIP off. | |
| # Credit for idea goes to (McMartin): https://forum.juce.com/t/apple-gatekeeper-notarised-distributables/29952/57?u=ttg | |
| app_path=$1 | |
| if [ -z "$app_path" ]; | |
| then | |
| echo "You need to specify app to re-codesign!" | |
| exit 0 |
duraki
/ cloud_metadata.txt
Created
January 7, 2020 22:09
— forked from jhaddix/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## AWS | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/ami-id | |
| http://169.254.169.254/latest/meta-data/reservation-id | |
| http://169.254.169.254/latest/meta-data/hostname | |
| http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key |
duraki
/ web-servers.md
Created
February 5, 2018 17:46
— forked from willurd/web-servers.md
Big list of http static server one-liners
Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.
$ python -m SimpleHTTPServer 8000
duraki
/ sqlmap-tamper-scripts-evaluation.md
Created
July 4, 2019 12:59
— forked from mgeeky/sqlmap-tamper-scripts-evaluation.md
SQLMap Tamper scripts evaluation against F5 Big-IP ASM WAF
The below table represents results of tests launched against F5 Big-IP ASM WAF appliance in it's XX version of YY and ZZ version of XY
Below names are to be passed to the --tamper= parameter of sqlmap.
The column Violation Rating represents most dominant rating of topmost 20 Requests observed by F5 in it's Security>>Event Logs:Application:Requests view.
The scale is 0-5.
NewerOlder