Skip to content

Instantly share code, notes, and snippets.

View symm's full-sized avatar
🦄

Gareth Jones symm

🦄
View GitHub Profile
@kconner
kconner / macOS Internals.md
Last active June 10, 2024 08:38
macOS Internals

macOS Internals

Understand your Mac and iPhone more deeply by tracing the evolution of Mac OS X from prelease to Swift. John Siracusa delivers the details.

Starting Points

How to use this gist

You've got two main options:

@1oh1
1oh1 / optiplex-3060-enable-pcie3.md
Last active May 12, 2024 04:55
Dell OptiPlex 3060 - Enable NVMe Gen 3 speeds (Enable PCIe 3.0)

Enable PCIe 3.0 speeds for NVMe SSDs on Dell OptiPlex 3060

Out of the box, any M.2 NVMe SSDs connected to the Dell OptiPlex 3060 runs at PCIe Gen 2.0 speeds (Max 5 GT/s; 2 GB/s) so the speed tests look like this:

screen1

However, after this BIOS mod, the SSD can reach PCIe Gen 3.0 speeds (Max 8 GT/s; 3.9 GB/s) so the speed tests look like this:

screen2

@Dasutin
Dasutin / retronas_on_unraid.md
Last active April 20, 2024 08:35
RetroNAS on Unraid

RetroNAS on Unraid

This guide is intended for installing RetroNAS on an already configured Unraid server. If you're not familiar with Unraid or RetroNAS, head over to the RetroNAS GitHub page to learn about RetroNAS and consider setting it up on a Raspberry Pi.

Unraid NFS Setup

Within Unraid, enable NFS by going to Settings and NFS.

  • Enable NFS: Yes
  • Click Apply
@aleksasiriski
aleksasiriski / proxmoxlxcjellyfin.md
Last active April 5, 2024 17:45
Proxmox LXC Alpine Docker Jellyfin

How to setup VA-API within Proxmox LXC Unprivileged container

Proxmox configuration

No drivers need to be installed on the proxmox, from now called host.

Find GIDs of video and render group on host:

cat /etc/group | grep video

cat /etc/group | grep render

@packerdl
packerdl / lxc_plex_intel_quicksync.md
Last active May 25, 2024 19:18
Intel QuickSync passthrough to an unprivileged LXC container running plex.

Running Plex in an Unprivileged LXC with Intel QuickSync Passthrough

First setup an unprivileged Ubuntu container with Plex Media Server installed. Inside the container take note of the id of the plex group.

# Your Plex group's ID may be different
$ getent group plex | cut -d : -f3
998
@ckuethe
ckuethe / doh-blocklist.txt
Last active March 17, 2024 04:51
DNS-over-HTTPS Block List
# Here are some domains I block to interfere with DNS-over-HTTPS, so that my own DNS-based security schemes work.
# If you're going to be doing this, you should probably block all outbound 53, 853, and 5353 on your network,
# except from your own internal DNS resolver (eg. pihole)
#
# Data from https://github.com/curl/curl/wiki/DNS-over-HTTPS (and other places)
1a.ns.ozer.im
8888.google
aattwwss.duckdns.org
abel.waringer-atg.de
@nstarke
nstarke / netgear-private-key-disclosure.md
Last active April 30, 2024 06:02
Netgear TLS Private Key Disclosure through Device Firmware Images

Netgear Signed TLS Cert Private Key Disclosure

Overview

There are at least two valid, signed TLS certificates that are bundled with publicly available Netgear device firmware.

These certificates are trusted by browsers on all platforms, but will surely be added to revocation lists shortly.

The firmware images that contained these certificates along with their private keys were publicly available for download through Netgear's support website, without authentication; thus anyone in the world could have retrieved these keys.

@arthurbeggs
arthurbeggs / install_quartus17.sh
Created November 2, 2019 03:15
Install Quartus Prime Lite 17.0 in Ubuntu
#!/bin/bash
################################################################################
### Install Quartus and ModelSim ###
################################################################################
# Source code at https://github.com/arthurbeggs/scripts #
################################################################################
# #
# Based on https://github.com/jessebarreto/ConfigureWorkspace script. #
# #
@hfiref0x
hfiref0x / akagi_58a.c
Created October 23, 2019 16:27
UAC bypass using EditionUpgradeManager COM interface
typedef interface IEditionUpgradeManager IEditionUpgradeManager;
typedef struct IEditionUpgradeManagerVtbl {
BEGIN_INTERFACE
HRESULT(STDMETHODCALLTYPE *QueryInterface)(
__RPC__in IEditionUpgradeManager * This,
__RPC__in REFIID riid,
@lizthegrey
lizthegrey / attributes.rb
Last active February 24, 2024 14:11
Hardening SSH with 2fa
default['sshd']['sshd_config']['AuthenticationMethods'] = 'publickey,keyboard-interactive:pam'
default['sshd']['sshd_config']['ChallengeResponseAuthentication'] = 'yes'
default['sshd']['sshd_config']['PasswordAuthentication'] = 'no'