This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
watch prefix "$HOME/Library/Application Support/Google/Chrome/Default/Extensions/" "any" wcxm | |
allow prefix "$HOME/Library/Application Support/Google/Chrome/Default/Extensions/" "/Applications/Google Chrome.app/Contents/MacOS/Google Chrome" r |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
echo "Please wait..." | |
# Look for suspect files | |
/usr/bin/find -E /Applications -iregex '.*\.app\/(.*\.DS_Store|Icon.{1})$' > /tmp/.suspectfiles | |
# Check suspect files | |
appsCounter=0 | |
while read path; do |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Misc: --start-maximized --disable-save-password-bubble | |
# Reduce attack surface: --disable-presentation-api --disable-file-system --disable-contextual-search --disable-account-consistency --disable-translate --disable-background-mode --disable-plugins-discovery --disable-webgl --disable-webgl-image-chromium --disable-speech-api --disable-smart-virtual-keyboard --disable-print-preview --disable-password-generation --disable-overlay-scrollbar --disable-offer-upload-credit-cards --disable-ntp-popular-sites --disable-cloud-import --disable-component-cloud-policy --disable-credit-card-scan --disable-bundled-ppapi-flash --disable-java --disable-plugins --disable-ipv6 --disable-people-search --disable-default-apps | |
# Incognito, sandboxing & security stuff: --incognito --disable-sync --disable-sync-backup --disable-sync-rollback --disable-sync-app-list --disable-sync-types --enable-sandbox --enable-sandbox-logging --isolate-extensions --isolate-sites-for-testing=* --process-per-tab --process-per-site --safe-plugins | |
# |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Precision: Only works on 2012+ Apple computers | |
sudo pmset -a destroyfvkeyonstandby 1 hibernatemode 25 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Put this file in /etc/pf.anchors/ | |
# Options | |
set block-policy drop | |
set fingerprints "/etc/pf.os" | |
set ruleset-optimization basic | |
set skip on lo0 | |
# Interfaces | |
inet_define = "en0" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Add this in the Tor config file | |
# Exclude Nodes of all of these countries | |
# Five Eyes: U.S., Australia, Canada, New Zealand, U.K. (also added France because it's becoming worse than the Five Eyes) | |
ExcludeExitNodes {us},{au},{ca},{nz},{gb},{fr} |
NewerOlder