@whitequark
whitequark / meow.md
Last active May 6, 2025 11:17
reverse engineering tools

"%" means not tested by me personally.

Reference material

Disassemblers and decompilers

  • Binary Ninja: interactive native code disassembler, decompiler, and debugger
  • when building, replace the BN SDK it downloads with a path to BN API library
@dfeldman
dfeldman / gist:5a5630d28b8336f403123c071cfdac9e
Created June 5, 2024 15:48
Database Schema for Microsoft's Copilot+Recall feature
****** SemanticTextStore.db :
CREATE TABLE si_db_info (
schema_version INTEGER
);
CREATE TABLE si_items (
id BLOB(16) PRIMARY KEY NOT NULL
);
CREATE TABLE si_diskann_graph (
id INTEGER PRIMARY KEY,
@Cr4sh
Cr4sh / smm_backdoor_privesc_linux.py
Last active May 22, 2024 02:17
Example program that uses SMM backdoor for local privileges escalation under the Linux
#!/usr/bin/env python
import sys, os, platform, ctypes
from struct import pack, unpack
import smm_backdoor as bd
try:
import capstone
@m-radzikowski
m-radzikowski / script-template.sh
Last active May 14, 2025 01:40
Minimal safe Bash script template - see the article with full description: https://betterdev.blog/minimal-safe-bash-script-template/
#!/usr/bin/env bash
set -Eeuo pipefail
trap cleanup SIGINT SIGTERM ERR EXIT
script_dir=$(cd "$(dirname "${BASH_SOURCE[0]}")" &>/dev/null && pwd -P)
usage() {
cat <<EOF
Usage: $(basename "${BASH_SOURCE[0]}") [-h] [-v] [-f] -p param_value arg1 [arg2...]
@nixin72
nixin72 / against-online-proctoring.md
Last active June 15, 2021 06:14
Proctored exams will not be tolerated

Dear Concordia University,

I am writing to you on behalf of the Concordia student body regarding the final exams and the decision to use online proctoring. We are urging you to change your decision about having online proctored exams. For many, this is an appalling invasion of privacy, a security risk, a demand for students to trade their morals for a grade, and discrimination against the less fortunate among the student body. In addition, over 7000 thousand Concordia students are against online proctoring.

  1. An invasion of privacy Forcing cameras and microphones into the homes of students is a violation of everyone's online privacy. For some, this might not be a huge concern, but for many others it's spying on
@IanColdwater
IanColdwater / twittermute.txt
Last active April 14, 2025 16:31
Here are some terms to mute on Twitter to clean your timeline up a bit.
Mute these words in your settings here: https://twitter.com/settings/muted_keywords
ActivityTweet
generic_activity_highlights
generic_activity_momentsbreaking
RankedOrganicTweet
suggest_activity
suggest_activity_feed
suggest_activity_highlights
suggest_activity_tweet
@Neo23x0
Neo23x0 / Base64_CheatSheet.md
Last active March 31, 2025 08:27
Learning Aid - Top Base64 Encodings Table

Base64 Patterns - Learning Aid

| Base64 Code | Mnemonic Aid | Decoded* | Description |
|---|---|---|---|
| JAB | 🗣 Jabber | $. | Variable declaration (UTF-16), e.g. JABlAG4AdgA for $env: |
| TVq | 📺 Television | MZ | MZ header |
| SUVY | 🚙 SUV | IEX | PowerShell Invoke Expression |
| SQBFAF | 🐣 Squab favorite | I.E. | PowerShell Invoke Expression (UTF-16) |
| SQBuAH | 🐣 Squab uahhh | I.n. | PowerShell Invoke string (UTF-16) e.g. Invoke-Mimikatz |
| PAA | 💪 "Pah!" | <. | Often used by Emotet (UTF-16) |
@timvisee
timvisee / falsehoods-programming-time-list.md
Last active May 18, 2025 13:42
Falsehoods programmers believe about time, in a single list

Falsehoods programmers believe about time

This is a compiled list of falsehoods programmers tend to believe about working with time.

Don't re-invent a date time library yourself. If you think you understand everything about time, you're probably doing it wrong.

Falsehoods

  • There are always 24 hours in a day.
  • February is always 28 days long.
  • Any 24-hour period will always begin and end in the same day (or week, or month).
@Roadmaster
Roadmaster / google-chrome-lxc.sh
Created October 18, 2017 21:16
Set up an lxc container with google chrome so it runs confined but displays on localhost.
#!/bin/bash
# Set up an lxc container with google chrome so it runs confined but displayed on the
# localhost.
# Adapted from https://blog.simos.info/how-to-run-graphics-accelerated-gui-apps-in-lxd-containers-on-your-ubuntu-desktop/
# Assume setguid/setid for root is properly setup
# root:1000:1
# Assume aptcache profile exists, see https://gist.github.com/Roadmaster/754110f3f49fef19ec89ae29f29edd11
LXC_NAME=chrome-container
@Roadmaster
Roadmaster / aptcaching.sh
Last active February 4, 2024 00:20
Create an lxc profile enabling use of an apt cache
#!/bin/bash
# Create lxc profile with apt caching
# Requires installing apt-cacher-ng to 10.0.4.1 (your host)
# Could be improved by making the actual apt cache host tunable
# Then use like:
# lxc launch -p default -p aptcache ubuntu:16.04 my-cached-container
NAME=aptcache
CACHE_IP=$(ip addr list lxdbr0 | grep -Po 'inet \K[\d.]+')
if ! ping -c 1 "$CACHE_IP" -w 1 >/dev/null 2>&1; then