@thesamesam
thesamesam / xz-backdoor.md
Last active November 2, 2025 15:34
xz-utils backdoor situation (CVE-2024-3094)

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said, we don't yet know everything about what's going on.

Update: I've disabled comments as of 2025-01-26 to avoid everyone having notifications for something a year on if someone wants to suggest a correction. Folks are free to email to suggest corrections still, of course.

Background

TL;DR

When Riot Games introduces the Vanguard anti-cheat to League of Legends, you should STOP playing and you must NOT install the anti-cheat when you get the pop-up. Vanguard is a kernel-level anticheat and these anticheats operate at a privilege level HIGHER THAN YOUR OWN. The anti-cheat can do things that even YOU can't do, without asking or letting you know. It's like Riot installing a camera in every room of your house and getting a copy of every key inside.

Here are just a few examples of what they can do:

@ner00
ner00 / viewimage.user.js
Last active October 31, 2025 01:50 — forked from bijij/viewimage.user.js
Userscript version of the View Image extension
// ==UserScript==
// @name View Image
// @namespace https://github.com/bijij/ViewImage
// @version 3.7.0.17
// @description Re-implements the Google Images' "View Image" and "Search by Image" buttons.
// @author Joshua B
@lbmaian
lbmaian / youtube-hide-livechat.user.js
Last active October 16, 2025 21:03
YouTube - Hide Live Chat By Default
// ==UserScript==
// @name YouTube - Hide Live Chat By Default
// @namespace https://gist.github.com/lbmaian/94824cef728917a53d3c6e6ea885469c
// @downloadURL https://gist.github.com/lbmaian/94824cef728917a53d3c6e6ea885469c/raw/youtube-hide-livechat.user.js
// @updateURL https://gist.github.com/lbmaian/94824cef728917a53d3c6e6ea885469c/raw/youtube-hide-livechat.user.js
// @version 0.14
// @description Hide live chat by default on live streams
// @author lbmaian
// @match https://www.youtube.com/*
// @exclude https://www.youtube.com/embed/*
@SwitHak
SwitHak / 20211210-TLP-WHITE_LOG4J.md
Last active October 14, 2025 08:35
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

  • If you want to add a link, comment or send it to me
  • Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

  • Royce Williams list sorted by vendors responses Royce List
  • Very detailed list NCSC-NL
  • The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List
@xyrilyn
xyrilyn / gist:2d645a6266f8fb23a89ad4a7ea7ddcbb
Created January 29, 2020 06:06
Disco Elysium - Kineema Orb / Torque Talk [ID 449]
{
"id": 449,
"fields": [
{
"title": "Title",
"value": "KINEEMA ORB / torque talk",
"type": 0,
"typeString": ""
},
{
@TheRadziu
TheRadziu / ultimate-vita-comparison.md
Last active September 19, 2025 00:39
Ultimate Vita Comparison (Firmwares & Rips vs Dumps)

Due to so much misinformation, false claims and confusion going around the web, I've decided to make this quick comparison of all the most well-known backup-enabling tools and hackable Vita firmwares, and which one you should be using and why.
Date of last update: 13.01.2020

NoNpDRM Rips vs Dumps

NoNpDRM Rips Vitamin / MaiDumpTool Dumps
All original files untouched
Support Retail DLCs
Support Ripped (NoNpDRM) DLCs
Support Dumped (Vitamin/Mai) DLCs 1
def delete(api, date, r):
    with open("likes.csv") as file:
        count = 0
        for row in csv.DictReader(file):
            tweet_id = int(row["tweet_id"])
            try:
                print "Deleting like"
                api.CreateFavorite(status_id=tweet_id)
@marcan
marcan / memopri.py
Last active June 13, 2025 03:20
Casio MemoPri (メモプリ) printer client
#!/usr/bin/python3
import sys, socket, struct
import PIL, PIL.Image, PIL.ImageOps
DENSITY_MIN = 0
DENSITY_LIGHT = 1
DENSITY_NORMAL = 2
DENSITY_HEAVY = 3
DENSITY_MAX = 4
@pbausch
pbausch / pinpoptweets.js
Last active December 20, 2016 03:13
Embed Tweets on the Pinboard Popular Page with Tampermonkey
// ==UserScript==
// @name New Userscript
// @namespace http://tampermonkey.net/
// @version 0.1
// @description embed tweets on Pinboard Popular page
// @author You
// @match https://pinboard.in/popular/
// @grant none
// ==/UserScript==