Skip to content

Instantly share code, notes, and snippets.

View layzhi's full-sized avatar
🤓

layzhi layzhi

🤓
164 followers · 1.3k following
View GitHub Profile
@kconner
kconner / macOS Internals.md
Last active October 31, 2025 14:00
macOS Internals

macOS Internals

Understand your Mac and iPhone more deeply by tracing the evolution of Mac OS X from prelease to Swift. John Siracusa delivers the details.

Starting Points

How to use this gist

You've got two main options:

@n1snt
n1snt / Oh my ZSH with zsh-autosuggestions zsh-syntax-highlighting zsh-fast-syntax-highlighting and zsh-autocomplete.md
Last active October 30, 2025 16:25
Oh my ZSH with zsh-autosuggestions zsh-syntax-highlighting zsh-fast-syntax-highlighting and zsh-autocomplete.md

Oh my zsh.

Oh My Zsh

Install ZSH.

sudo apt install zsh-autosuggestions zsh-syntax-highlighting zsh

Install Oh my ZSH.

@BlackFan
BlackFan / Bootstrap_XSS.md
Last active October 21, 2025 08:24
Bootstrap XSS Collection

CVE-2019-8331

Bootstrap < 3.4.1 || < 4.3.1

✔️ CSP strict-dynamic bypass

➖ Requires user interaction

➖ Requires $('[data-toggle="tooltip"]').tooltip();

@flowchartsman
flowchartsman / start.md
Last active July 19, 2022 13:51
Zero To Go

Intro

This is an experiment in self-teaching Go, starting from complete unfamiliarity with the language. The goal is to provide a step-by-step educational resource that you can follow at your own pace, where each phase effectively builds on that which came before it with as little unnecessary overlap as possible. It's very much a "living document" or work in progress, and will likely be under constant revision as I revisit advice, update sources, tweak ordering and learn more about how these resources interact to create a well-rounded knowledge of the language. Please feel free to issue feedback and make any suggestions you feel are pertinent.

Reading

  1. Go through the tour at https://tour.golang.org/list
  2. Promptly abandon all of those plans you have to use channels everywhere
  3. Read the language spec once over: https://golang.org/ref/spec
  4. https://dave.cheney.net/2017/04/26/understand-go-pointers-in-less-than-800-words-or-your-money-back
  5. Read Effective Go: https://golang.org/doc/effective_go.htm
@MatthewWilkes
MatthewWilkes / automated.py
Created January 24, 2019 16:30
Extract deleted commits from a GitHub repo
import argparse
import os
import re
import subprocess
import tempfile
import requests
def get_repo(owner, repo):
@unfo
unfo / oscp-tips.md
Last active September 23, 2024 17:38

A few tips for OSCP

  1. Doing all of the exercises is important since you will discover low-hanging fruit from the labs based on the recon you do with the different tools in the exercises.
  2. Be wary of doing full /24 range port scans, especially for anything more than a few TCP ports. The machines might be in all sorts of broken states left by students etc.
  3. When starting to recon a specific machine:
  • Revert
  • Port scan
  • Try to identify services

Those steps in that order are important. You want a fresh state for the machine and you want to do just simple port scanning first because doing nmap's service scanning or nse scripts might send payloads that actually crash services. So be careful.

@unfo
unfo / how-to-oscp-final.md
Last active October 11, 2025 18:26

How to pass the OSCP

  1. Recon
  2. Find vuln
  3. Exploit
  4. Document it

Recon

Unicornscans in cli, nmap in msfconsole to help store loot in database.