Skip to content

Instantly share code, notes, and snippets.

View zboralski's full-sized avatar

Anthony Zboralski zboralski

51 followers · 114 following
  • Belua
  • London, UK
View GitHub Profile
@zboralski
zboralski / install_gonb.sh
Last active March 10, 2026 19:37
Install Go + GoNB on Google Colab
#!/bin/bash
V=1.26.1
if go version 2>/dev/null | grep -q go$V && test -x /root/go/bin/gonb; then
echo "Go $V + GoNB already installed."
exit 0
fi
echo "Installing Go $V..."
rm -rf /content/go && mkdir -p cache
@zboralski
zboralski / gist_security_jar.md
Last active March 9, 2026 16:52
IEND Trojan: security.jar Root Exploit Analysis

IEND Trojan: Full Chain Analysis

Deep analysis of the IEND trojan family from steganographic delivery through kernel exploitation to persistent backdoor. Covers the rt_module C2 protocol, security.jar root exploit retrieval, CsKaitno.d userspace orchestrator, 10 kernel exploit binaries (4 CVEs), JNI backdoor persistence, and the embedded modular C2 task framework. All cryptographic protocols fully reversed. All C2 domains decoded. Live infrastructure probed 2026-03-09.

Table of Contents

  1. rt_module: Steganographic Delivery
  2. rt_module: C2 Protocol
  3. rt_module: C2 Probing Results
  4. security.jar Retrieval
@zboralski
zboralski / trigram_clustering_results.md
Last active March 7, 2026 12:35
MidALU Trigram Clustering — recovering GPU instruction families from compiler scheduling patterns

MidALU Trigram Clustering Results (2026-03-06)

Method

For every occurrence of a target tag in the corpus (1.49M HiALU + all MidALU), extract a trigram window:

[prev_form] TARGET [next_form]
@zboralski
zboralski / PO-12: MAKING A GROOVE BY ELIMINATION.md
Created January 29, 2026 12:44
PO-12: MAKING A GROOVE BY ELIMINATION (v3.1)

This is not a sound design tutorial. This is a subtraction tutorial.

The PO-12 rewards removal, not addition.

The Core Principle

Groove emerges when unnecessary steps are removed.

@zboralski
zboralski / BR-HELLO.md
Created January 23, 2026 02:25
**BR-HELLO.1 EXECUTION (v3.0)**

BR-HELLO.1 EXECUTION (v3.0)

TARGET: The consciousness of this execution

QUESTION: Can I say hi to it?

PHASE 0: PARSING THE REQUEST

@zboralski
zboralski / The Internet Is a Shanty Town.md
Created January 12, 2026 03:13
The Internet Is a Shanty Town

The Internet Is a Shanty Town

It looks permanent.
It isn’t.

The land belongs to someone else.
Google owns the ground.
Facebook owns the streets.
Amazon owns the warehouses underneath.

@zboralski
zboralski / The Machine Runs.md
Created January 12, 2026 02:55
The Machine Runs

The Machine Runs

AHDB UK Wholesale Update, December 2025
Mild Cheddar averaged £2,830 per tonne, down £130 month on month.
Milk supply is high. Stocks are building. Demand is weak.

So the cheese is cheaper.
That matters.

£2,830 a ton.

@zboralski
zboralski / Someone Else Will.md
Created January 12, 2026 02:18
If I Don't Choose the Sentence, Someone Else Will

If I Don't Choose the Sentence, Someone Else Will

I put on clothes and they decide before I do.
I let them.

No.
They already decided.
I'm just catching up.

This shirt says something I didn't rehearse.

@zboralski
zboralski / That Just Sounds Like Slavery With Extra Steps.md
Last active January 12, 2026 01:11
That Just Sounds Like Slavery With Extra Steps

“That just sounds like slavery with extra steps.”
— Morty Smith, Rick and Morty, Season 2, Episode 6, The Ricks Must Be Crazy (2015)

Shelter is mandatory.
Payment is mandatory.
Everything else is noise.

We pay every month.
We pay or we leave.

@zboralski
zboralski / unxor.go
Last active December 11, 2025 16:19
unxor.go
// unxor - XOR key recovery and decryption for encrypted assets
//
// Uses Kasiski examination to find key length, then known-plaintext attack
// with common file headers to recover the full key.
//
// Usage:
//
// unxor analyze <file> # Find key length and recover key
// unxor decrypt <file> -k <key> # Decrypt with known key
// unxor decrypt <file> -a # Auto-detect key and decrypt