apt-get install python-pip
pip install shadowsocks
sudo ssserver -p 443 -k password -m aes-256-cfb --user nobody -d start
Linus Xanoni xanoni
🐱
xanoni
/ org.nsa.pf.rules
Created
March 1, 2021 00:07
OS X Firewall Packet Filter (pfctl): Killswitch + Protection
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Put this file in /etc/pf.anchors/ | |
| # Options | |
| set block-policy drop | |
| set fingerprints "/etc/pf.os" | |
| set ruleset-optimization basic | |
| set skip on lo0 | |
| # Interfaces | |
| inet_define = "en0" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Precision: Only works on 2012+ Apple computers | |
| sudo pmset -a destroyfvkeyonstandby 1 hibernatemode 25 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Misc: --start-maximized --disable-save-password-bubble | |
| # Reduce attack surface: --disable-presentation-api --disable-file-system --disable-contextual-search --disable-account-consistency --disable-translate --disable-background-mode --disable-plugins-discovery --disable-webgl --disable-webgl-image-chromium --disable-speech-api --disable-smart-virtual-keyboard --disable-print-preview --disable-password-generation --disable-overlay-scrollbar --disable-offer-upload-credit-cards --disable-ntp-popular-sites --disable-cloud-import --disable-component-cloud-policy --disable-credit-card-scan --disable-bundled-ppapi-flash --disable-java --disable-plugins --disable-ipv6 --disable-people-search --disable-default-apps | |
| # Incognito, sandboxing & security stuff: --incognito --disable-sync --disable-sync-backup --disable-sync-rollback --disable-sync-app-list --disable-sync-types --enable-sandbox --enable-sandbox-logging --isolate-extensions --isolate-sites-for-testing=* --process-per-tab --process-per-site --safe-plugins | |
| # |
xanoni
/ detect.sh
Created
March 1, 2021 00:08
Detect if your applications contains possible hidden datas (see https://medium.com/@sabrihaddouche/how-a-malware-can-infects-digitally-signed-files-without-altering-hashes-on-macos-c7dc9e391a8e for more infos)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| echo "Please wait..." | |
| # Look for suspect files | |
| /usr/bin/find -E /Applications -iregex '.*\.app\/(.*\.DS_Store|Icon.{1})$' > /tmp/.suspectfiles | |
| # Check suspect files | |
| appsCounter=0 | |
| while read path; do |
xanoni
/ Google Chrome Extension Watcher.flock
Created
March 1, 2021 00:12
Google Chrome Extension Watcher.flock
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| watch prefix "$HOME/Library/Application Support/Google/Chrome/Default/Extensions/" "any" wcxm | |
| allow prefix "$HOME/Library/Application Support/Google/Chrome/Default/Extensions/" "/Applications/Google Chrome.app/Contents/MacOS/Google Chrome" r |
xanoni
/ disable.sh
Created
March 1, 2021 00:12
Disable bunch of #$!@ in Catalina - Note about Big Sur: https://gist.github.com/pwnsdx/1217727ca57de2dd2a372afdd7a0fc21#gistcomment-3448419
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # IMPORTANT: Don't forget to logout from your Apple ID in the settings before running it! | |
| # IMPORTANT: You will need to run this script from Recovery. In fact, macOS Catalina brings read-only filesystem which prevent this script from working from the main OS. | |
| # This script needs to be run from the volume you wish to use. | |
| # E.g. run it like this: cd /Volumes/Macintosh\ HD && sh /Volumes/Macintosh\ HD/Users/sabri/Desktop/disable.sh | |
| # WARNING: It might disable things that you may not like. Please double check the services in the TODISABLE vars. | |
| # Get active services: launchctl list | grep -v "\-\t0" | |
| # Find a service: grep -lR [service] /System/Library/Launch* /Library/Launch* ~/Library/LaunchAgents |
xanoni
/ proxy_for_terminal.md
Created
June 11, 2021 07:00
— forked from fearblackcat/proxy_for_terminal.md
Set proxy for terminal on mac
xanoni
/ vimdiff.md
Created
June 20, 2021 01:53
— forked from mattratleph/vimdiff.md
vimdiff cheat sheet
##git mergetool
In the middle file (future merged file), you can navigate between conflicts with ]c and [c.
Choose which version you want to keep with :diffget //2 or :diffget //3 (the //2 and //3 are unique identifiers for the target/master copy and the merge/branch copy file names).
:diffupdate (to remove leftover spacing issues)
:only (once you’re done reviewing all conflicts, this shows only the middle/merged file)
xanoni
/ removal_feedback_from_malicious_operator.txt
Created
June 22, 2021 06:13
— forked from nusenu/removal_feedback_from_malicious_operator.txt
off-list reply to https://lists.torproject.org/pipermail/tor-relays/2021-May/019644.html (email DKIM signature can be verified by pasting it here https://dkim-validator.com/ )
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; | |
| d=googlemail.com; s=20161025; | |
| h=mime-version:in-reply-to:references:from:date:message-id:subject:to; | |
| bh=+lkRo0xHq0A5qPt4Ud4bXvNaQX2AJTwdlR5UthC+VcY=; | |
| b=jau+o2hGzSHgRaoPfJe9eMaxU4Lh7DsSbtV8wQehOE8xaULsl+CoYhZHxXzm8Dr0KW | |
| H5H6up8OANeXTFyBnW35FWBqr6cdCiPbzHCKslHnurBb0/CQ4yinWjahpIbsu35gxfOM | |
| hc1q8r02ahsVyfXrpegxHxv2TjmKEniO0WiXa5ybooZngNJEUdxLwHgPiK7Nnwm7eA8N | |
| /hP1vCBspeaTT2muu22srZkwVygeJiuxUJTewc9bT57LRFQQQ75YELEKIbrL6wwtE7Hf | |
| EGzqdNHJpFvAttioPpSCf54YALz2rKuvrCmEBkFXRa+gyBX2CIDIeqQdzbrRHKiZ10nM | |
| i/Lw== |
xanoni
/ torrc-defaults
Last active
July 14, 2021 08:47
Prevent Tor from connecting to Five-Eyes countries
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Add this in the Tor config file | |
| # Exclude Nodes of all of these countries | |
| # Five Eyes: U.S., Australia, Canada, New Zealand, U.K. (also added France because it's becoming worse than the Five Eyes) | |
| ExcludeExitNodes {us},{au},{ca},{nz},{gb},{fr} |
OlderNewer