Skip to content

Instantly share code, notes, and snippets.

@rxaviers
rxaviers / gist:7360908
Last active February 17, 2025 21:56
Complete list of github markdown emoji markup

People

:bowtie: :bowtie: 😄 :smile: 😆 :laughing:
😊 :blush: 😃 :smiley: ☺️ :relaxed:
😏 :smirk: 😍 :heart_eyes: 😘 :kissing_heart:
😚 :kissing_closed_eyes: 😳 :flushed: 😌 :relieved:
😆 :satisfied: 😁 :grin: 😉 :wink:
😜 :stuck_out_tongue_winking_eye: 😝 :stuck_out_tongue_closed_eyes: 😀 :grinning:
😗 :kissing: 😙 :kissing_smiling_eyes: 😛 :stuck_out_tongue:
@thesamesam
thesamesam / xz-backdoor.md
Last active February 17, 2025 06:49
xz-utils backdoor situation (CVE-2024-3094)

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Update: I've disabled comments as of 2025-01-26 to avoid everyone having notifications for something a year on if someone wants to suggest a correction. Folks are free to email to suggest corrections still, of course.

Background

@jhaddix
jhaddix / cloud_metadata.txt
Last active February 15, 2025 07:15 — forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
@stevenswafford
stevenswafford / google-dorks
Created June 6, 2015 05:57
Listing of a number of useful Google dorks.
" _ _ "
" _ /|| . . ||\ _ "
" ( } \||D ' ' ' C||/ { % "
" | /\__,=_[_] ' . . ' [_]_=,__/\ |"
" |_\_ |----| |----| _/_|"
" | |/ | | | | \| |"
" | /_ | | | | _\ |"
It is all fun and games until someone gets hacked!
@pich4ya
pich4ya / root_bypass.js
Created August 5, 2019 20:14
Bypass Android Root Detection / Bypass RootBeer - August 2019
// $ frida -l antiroot.js -U -f com.example.app --no-pause
// CHANGELOG by Pichaya Morimoto (p.morimoto@sth.sh):
// - I added extra whitelisted items to deal with the latest versions
// of RootBeer/Cordova iRoot as of August 6, 2019
// - The original one just fucked up (kill itself) if Magisk is installed lol
// Credit & Originally written by: https://codeshare.frida.re/@dzonerzy/fridantiroot/
// If this isn't working in the future, check console logs, rootbeer src, or libtool-checker.so
Java.perform(function() {
var RootPackages = ["com.noshufou.android.su", "com.noshufou.android.su.elite", "eu.chainfire.supersu",
@ld100
ld100 / ArchLinuxWSL2.md
Last active February 13, 2025 09:27
Steps for setting up Arch Linux on WSL2

Migrating from Ubuntu on WSL to ArchLinux on WSL2

Obsolete notice

This document was created back in 2020 and might not be actual nowadays. It is not supported anymore, so use thise information at your own risk.

Upgrading to WSL 2

  • Download WSL2 Kernel
  • run wsl --set-default-version 2 in windows command line, so that all future WSL machine will use WSL2.
@ramnathv
ramnathv / gh-pages.md
Created March 28, 2012 15:37
Creating a clean gh-pages branch

Creating a clean gh-pages branch

This is the sequence of steps to follow to create a root gh-pages branch. It is based on a question at [SO]

cd /path/to/repo-name
git symbolic-ref HEAD refs/heads/gh-pages
rm .git/index
git clean -fdx
echo "My GitHub Page" > index.html
@prologic
prologic / LearnGoIn5mins.md
Last active February 12, 2025 06:52
Learn Go in ~5mins
@six519
six519 / ntfs.md
Last active February 9, 2025 19:26
Read/write NTFS drive on macOS Ventura with Apple silicon processor

Configuring your Mac!

Change security settings

  • Shut down your Mac, then press and hold the power button until "Loading startup options" appear.
  • Select "Options"
  • In the menu on top of the screen, choose "Utilities" -> "Startup Security Utility".
  • Click "Security Policy"
  • Select "Reduced Security" and check "Allow user management of kernel extensions from identified developers".
  • Reboot
@akabe1
akabe1 / frida_multiple_unpinning.js
Last active February 8, 2025 15:38
Another Android ssl certificate pinning bypass for various methods
/* Android ssl certificate pinning bypass script for various methods
by Maurizio Siddu
Run with:
frida -U -f <APP_ID> -l frida_multiple_unpinning.js [--no-pause]
*/
setTimeout(function() {
Java.perform(function() {
console.log('');