Skip to content

Instantly share code, notes, and snippets.


Koichi Shiraishi zchee

Block or report user

Report or block zchee

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
zchee / EndpointSecurityDemo.m
Created Apr 3, 2020 — forked from Omar-Ikram/EndpointSecurityDemo.m
A demo of using Apple's new EndpointSecurity framework - tested on macOS Catalina 10.15 (19A583)
View EndpointSecurityDemo.m
// main.m
// EndpointSecurityDemo
// Created by Omar Ikram on 17/06/2019 - Catalina 10.15 Beta 1 (19A471t)
// Updated by Omar Ikram on 15/08/2019 - Catalina 10.15 Beta 5 (19A526h)
// Updated by Omar Ikram on 01/12/2019 - Catalina 10.15 (19A583)
#import <Foundation/Foundation.h>
zchee /
Created Feb 13, 2020 — forked from fnky/
ANSI Escape Codes

ANSI Escape Sequences

Standard escape codes are prefixed with Escape:

  • Ctrl-Key: ^[
  • Octal: \033
  • Unicode: \u001b
  • Hexadecimal: \x1b
  • Decimal: 27
View cuetype.go
Command cuetype like the front-end of a CUE compiler, parses and
type-checks a single CUE package. Errors are reported if the analysis
fails; otherwise cuetype is quiet (unless -v is set).
Without a list of paths, cuetype reads from standard input, which
must provide a single CUE source file defining a complete package.
With a single directory argument, cuetype checks the CUE files in
that directory, comprising a single package. Use -t to include the
zchee / spinnaker-rbac.yaml
Created Dec 10, 2019 — forked from rantav/spinnaker-rbac.yaml
Kubernetes RBAC for Spinnaker
View spinnaker-rbac.yaml
# Authorize read-write in the default namespace. Add this Role and the below RoleBinding to every namespace spinnaker deploys artifacts to
kind: Role
name: spinnaker-role
namespace: default
- apiGroups: [""]
resources: ["namespaces", "events", "replicationcontrollers", "serviceaccounts", "pods/logs"]
zchee /
Created Dec 5, 2019 — forked from pwnsdx/
Disable bunch of #$!@ in Catalina
# IMPORTANT: Don't forget to logout from your Apple ID in the settings before running it!
# IMPORTANT: You will need to run this script from Recovery. In fact, macOS Catalina brings read-only filesystem which prevent this script from working from the main OS.
# This script needs to be run from the volume you wish to use.
# E.g. run it like this: cd /Volumes/Macintosh\ HD && sh /Volumes/Macintosh\ HD/Users/sabri/Desktop/
# WARNING: It might disable things that you may not like. Please double check the services in the TODISABLE vars.
# Get active services: launchctl list | grep -v "\-\t0"
# Find a service: grep -lR [service] /System/Library/Launch* /Library/Launch* ~/Library/LaunchAgents
zchee / go_1.13_error_migration.bash
Created Oct 16, 2019 — forked from Peltoche/go_1.13_error_migration.bash
Go 1.13 error format migration script
View go_1.13_error_migration.bash
echo "Migrate: $FILES"
sed -i "s/errors.Wrapf(\(.*\), \"\(.*\)\", \(.*\))/fmt.Errorf(\"\2: %w\", \3, \1)/g" $FILES
sed -i "s/errors.Wrap(\(.*\), \"\(.*\)\")/fmt.Errorf(\"\2: %w\", \1)/g" $FILES
sed -i "s/errors.Errorf/fmt.Errorf/g" $FILES
goimports -w .
View Kubernetes Master Nodes Backup for Kops on AWS - A step-by-step

Kubernetes Master Nodes Backup for Kops on AWS - A step-by-step Guide

For those who have been using kops for a while should know the upgrade from 1.11 to 1.12 poses a greater risk, as it will upgrade etcd2 to etcd3.

Since this upgrade is disruptive to the control plane (master nodes), although brief, it's still something we take very seriously because nearly all the Buffer production services are running on this single cluster. We felt a more thorough backup process than the currently implemented Heptio Velero was needed.

To my surprises, my Google searches didn't yield any useful result on how to carry out the backup steps. To be fair, there are a few articles that are specifically for backing up master nodes created by kubeedm but nothing too concrete for `kop

zchee /
Created Sep 9, 2019 — forked from jjo/
Yeah. Get a root shell at any Kubernetes *node* via `privileged: true` + `nsenter` sauce. PodSecurityPolicy will save us. DenyExecOnPrivileged didn't ( exploits it)
# Launch a Pod ab-using a hostPath mount to land on a Kubernetes node cluster as root
# without requiring `privileged: true`, in particular can abuse `DenyExecOnPrivileged`
# admission controller.
# Pod command in turn runs a privileged container using node's /var/run/docker.sock.
# Tweaked for PKS nodes, which run their docker stuff from different
# /var/vcap/... paths
case "${node}" in
zchee /
Created Jul 31, 2019 — forked from sdstrowes/
Reverse Engineering the Protocol, Gökberk Yaltıraklı

Source: Author: Gökberk Yaltıraklı

Reverse Engineering the Protocol

After finishing my command line speed tester written in Rust, I didn't have a proper blog to document this process. A few days ago I wrapped up a simple blogging script in Python so hopefully it works good enough to explain how everything works.

By now I have already figured out the whole protocol for performing a speed test but I will write all the steps that I took so you can learn how to reverse engineer a simple protocol.

The code that I wrote can be found at



  • 100%の時間 利用可能なサービスはない
    • 配慮のないクライアント
    • 50倍の要求
      • (訳注: 上記2つはPokemon Goのことでもある)
    • スラフィックのスパイク
    • 海底ケーブルの切断
  • 私達のサービスに依存するユーザーがいる
You can’t perform that action at this time.