Skip to content

Instantly share code, notes, and snippets.

View JJTech0130's full-sized avatar

James Gill JJTech0130

854 followers · 152 following
View GitHub Profile
@saagarjha
saagarjha / binja_stripped_selector_stub_fixup.py
Last active October 22, 2023 17:33
Fix up objc_msgSend selector stubs in Binary Ninja
for function in filter(lambda f: f.name == "_objc_msgSend", bv.functions):
selector = function.lowest_address + 4
selector = list(bv.get_code_refs_from(selector))[0]
selector = list(bv.get_data_refs(selector))[0]
selector = list(bv.get_data_refs_from(selector))[0]
selector = bv.get_data_var_at(selector).value
# objc_msgSend itself, probably
if not selector:
continue
selector = selector[:-1].decode()
@macshome
macshome / defang.md
Last active May 8, 2025 09:21
How to defang system protections on macOS

How to Defang macOS System Protections

If you want to change things on the root drive of a Mac you will need to take some steps to disable the built in security of the system. Most of these steps are the same regardless if you are on Intel or Apple Silicon. If there is a difference it is noted.

Note that all of these things put a Mac into an unsupported and less secure state.

Make sure you either perform these steps in a VM or that you reset the protections after you are done poking around

Protections and Terms

(This list is not exahustive on the details of each. Check the links at the end for more info.)

@zhuowei
zhuowei / reachable_services.txt
Created February 21, 2023 06:26
Reachable Mach services from the app sandbox on iOS 16.1
PurpleSystemAppPort
PurpleSystemEventPort
UIASTNotificationCenter
com.apple.ABDatabaseDoctor
com.apple.AppSSO.service-xpc
com.apple.AuthenticationServicesCore.AuthenticationServicesAgent
com.apple.CARenderServer
com.apple.ClipServices.clipserviced
com.apple.CoreAuthentication.daemon
com.apple.DeviceAccess.xpc
@scyto
scyto / proxmox-vGPU.md
Last active May 9, 2025 16:29

Enable & Using vGPU Passthrough

This gist is almost entirely not unlike Derek Seaman's awesome blog:

Proxmox VE 8: Windows 11 vGPU (VT-d) Passthrough with Intel Alder Lake

As such please refer to that for pictures, here i will capture the command lines I used as i sequence the commands a little differently so it makes more logic to me.

This gists assumes you are not running ZFS and are not passing any other PCIE devices (as both of these can require addtional steps - see Derek's blog for more info)

This gist assumes you are not running proxmox in UEFI Secure boot - if you are please refer entirely to dereks blog.

@steven-michaud
steven-michaud / ThirdPartyKexts.md
Last active April 22, 2025 17:07
Running Third Party Kernel Extensions on Virtualization Framework macOS Guest VMs

Running Third Party Kernel Extensions on Virtualization Framework macOS Guest VMs

As of macOS 12 (Monterey), Apple's Virtualization framework has nice support for macOS guest virtual machines, but with severe limitations: For example you can't install a macOS guest on Intel Macs, install guests with newer versions of macOS than the host, copy and paste between the host and the guest, or install third party kernel extensions in the guest. As usual for Apple, the functionality they do support is nicely implemented, but they've left out so much that the result is only marginally useful -- at least compared to

@wh1te4ever
wh1te4ever / TrollDetector.m
Last active April 7, 2025 05:30
TrollStore Detector
//
// ViewController.m
// JBDetectTest
//
// Created by seo on 3/27/25.
//
#import "ViewController.h"
#import <dlfcn.h>