Skip to content

Instantly share code, notes, and snippets.

View jzbor's full-sized avatar

jzbor

23 followers · 42 following
View GitHub Profile
@MaskRay
MaskRay / asan.md
Created January 7, 2024 08:11
Notes on AddressSanitizer

AddressSanitizer (ASan) is a compiler technology that checks addressability-related memory errors with some add-on checks. It consists of two parts: compiler instrumentation and runtime library. To put it in the simplest way,

  • The compiler instruments global variables, stack frames, and heap allocations to track shadow memory.
  • The compiler instruments memory access instructions to check shadow memory.
  • In case of an error, the inserted code calls a callback (implemented in the runtime library) to report an error with a stack trace. Normally the program will exit after the error message is printed.

Clang 3.1 implemented AddressSanitizer in 2011. GCC 4.8 integrated AddressSanitizer in 2012. MSVC (starting in Visual Studio 2019 version 16.9) added /INFERASANLIBS.

@whimbree
whimbree / install_bios_gpt.sh
Created November 19, 2023 05:46
Install NixOS on a VPS using Legacy booting on a GPT paritioned drive, with ZFS native encryption and ZFS root.
# The disk that will be used
# NOTE: If installing on an nvme drive (ie: /dev/nvme0n1), you'll need to replace all occurrences of ${DISK}# with ${DISK}p# where # is the partition number.
# Don't forget to also replace all occurences of $(echo $DISK | cut -f1 -d\ )# with $(echo $DISK | cut -f1 -d\ )p#
export DISK='/dev/vda'
export LUKS_KEY_DISK=cryptkey
export KEYFILE_LOCATION=/cryptkey
export KEY_DISK=/dev/mapper/cryptkey
# we use parted here since it does a good job with adding BIOS protective MBR to GPT disk
@Bertik23
Bertik23 / archInstallChecklist.md
Last active June 22, 2023 15:32
Arch installation checklist
  • Disable secureboot and legacy boot
  • Enable EFI (UEFI) boot
  • Boot
  • loadkeys cz-qwertz
  • ping archlinux.org test internet connection
  • If no internet:
    • connet ethernet cable
      • If ethernet cable connected and still no internet
        • modprobe -r tg3
  • modprobe broadcom
@umbernhard
umbernhard / arch-secure-install.md
Last active February 29, 2024 16:23
Building a Secure Arch Linux Device

Building a Secure Arch Linux Device

Locking down a linux machine is getting easier by the day. Recent advancements in systemd-boot have enabled a host of features to help users ensure that their machines have not been tampered with. This guide provides a walkthrough of how to turn on many of these features during installation, as well as reasoning for why certain features help improve security.

The steps laid out below draw on a wide variety of existing resources, and in places I'll point to them rather than attempt to regurgitate full explanations of the various security components. The most significant one, which I highly encourage everyone to read, is Rod Smith's site about secure boot, which is the most comprehensive and cogent explanation of UEFI, boot managers and boot loaders, and secure boot. Another incredibly useful resources is Safeboot, which encapsulates many of the setup steps below in a Debian application.

@themagicalmammal
themagicalmammal / Optimizations_Artix.md
Last active March 30, 2024 20:34
Set of optimizations, I use on my Artix Setup
@quells
quells / boox-dns-blacklist
Created July 1, 2021 15:29
Pi-Hole Blacklist for BOOX devices
# Copied from https://github.com/StevenBlack/hosts
127.0.0.1 localhost
127.0.0.1 localhost.localdomain
127.0.0.1 local
255.255.255.255 broadcasthost
::1 localhost
::1 ip6-localhost
::1 ip6-loopback
fe80::1%lo0 localhost
@binji
binji / LICENSE
Last active January 3, 2024 23:37
pokegb.cc w/o macros
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
@AlecsFerra
AlecsFerra / animated_wallpaper.c
Last active November 6, 2023 21:52
POC for simple animated wallpapers in Xorg
#define _POSIX_C_SOURCE 199309L
//#define DEBUG
#include <Imlib2.h>
#include <X11/Xatom.h>
#include <X11/Xlib.h>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>
@brighteyed
brighteyed / mirror_repositories.py
Last active November 23, 2022 21:34
Mirror all GitHub repositories to Gitea. Copied from https://jpmens.net/2019/04/15/i-mirror-my-github-repositories-to-gitea/
#!/usr/bin/env python
from github import Github # https://github.com/PyGithub/PyGithub
import requests
import json
import sys
import os
gitea_url = "http://127.0.0.1:3000/api/v1"
gitea_token = open(os.path.expanduser("~/.gitea-api")).read().strip()
@estysdesu
estysdesu / readme.md
Last active December 9, 2023 20:39
[Kindle 4: Jailbreak and SSH] #kindle #ssh #jailbreak

Following this guide: https://wiki.mobileread.com/wiki/Kindle4NTHacking#SSH.
Using Kindle 4.1 and macOS 10.14.

Jailbreak

  1. Connect the Kindle. It should be recognized as a USB Mass Storage Device.
  2. Download the jailbreak archive
  3. Copy data.tar.gz, ENABLE_DIAGS, and diagnostic_logs to the Kindle folder.
  4. Restart the Kindle into Diagnostics Mode.
  5. Reboot the Kindle from the Diagnostics Mode. Reboot screen should show jailbroken screensaver.