Also see Pieter Noordhuis's original guide
You need:
- Raspberry Pi Model B (or B+) with a MicroSD Card $35-40
- An RTL-SDR dongle:
void inject_trusts(int pathc, const char *paths[])
{
    printf("[+] injecting into trust cache...\n");
    extern uint64_t g_kern_base;
    static uint64_t tc = 0;
    if (tc == 0) {
        /* loaded_trust_caches
           iPhone11,2-4-6: 0xFFFFFFF008F702C8
<?xml version='1.0' encoding='utf-8'?>
<?grc format='1' created='3.7.13'?>
<flow_graph>
  <timestamp>Sun May 19 19:22:59 2019</timestamp>
  <block>
    <key>options</key>
    <param>
      <key>author</key>
      <value></value>
    </param>
This work is released under a Creative Commons Attribution-NoDerivatives 4.0 International License.
"OpenPGP" refers to the OpenPGP protocol, in much the same way that HTML refers to the protocol that specifies how to write a web page. "GnuPG", "SequoiaPGP", "OpenPGP.js", and others are implementations of the OpenPGP protocol in the same way that Mozilla Firefox, Google Chromium, and Microsoft Edge refer to software packages that process HTML data.
This brief tutorial will show you how to go about analyzing a raw binary firmware image in Ghidra.
I was recently interested in reversing some older Cisco IOS images. Those images come in the form of a single binary blob, without any sort of ELF, Mach-O, or PE header to describe the binary.
While I am using Cisco IOS images in this example, the same process should apply to other raw binary firmware images.
Researched by Robert Quattlebaum.
Last updated 2020-02-03.
Author: Mark Jessop (VK5QI)
This guide provides information on how to capture FFT data using the strf toolset, process it to look for satellite signals, and finally compare their Doppler shift against TLEs from the SpaceTrack database. This can help with resolving the 'TLE lottery' after new launches, or cataloguing transmissions from spacecraft already in orbit.
It should be noted that the analysis described in this document is but a small subset of what the strf tools are capable of! Scott Tilley has a post describing some of the history behind strf and giving a crash course on the relationship between orbital dynamics and the Doppler effect here: https://skyriddles.wordpress.com/2019/01/04/basic-orbital-dynamics/
The target platform is Debian-based distributions (e.g. Debian, Raspbian, Ubuntu), but should be applicable to other Linux-based platforms. The data processing software (rfplot and rffit) is also k
#!/usr/bin/env python3
#
# Simple Intel x520 EEPROM patcher
# Modifies the EEPROM to unlock the card for non-intel branded SFP modules.
#
# Copyright 2020,2021,2022 Andreas Thienemann <[email protected]>
#
# Licensed under the GPLv3
#
# Based on research described at https://forums.servethehome.com/index.php?threads/patching-intel-x520-eeprom-to-unlock-all-sfp-transceivers.24634/
Vulnerabilities published by Bluetooth SIG, Android, Apple, Intel and Qualcomm security bulletins, published at security conferences or as master's theses. If any are missing, thanks for pointing me to them!
Todo: macOS
| Year | Name | CVE |
|------|------|-----|
| 2020 | Blurtooth: Exploiting Cross-Transport Key Derivation | 2020-15802 |
| 2020 | Pairing Method Confusion | 2020-10134 |
| 2020 | BIAS: Bluetooth Impersonation Attacks | 2020-10135 |
| 2020 | BlueRepli | ? |
| 2020 | BLESA: Bluetooth Low energy spoofing attacks | 2020-9770 |