Skip to content

Instantly share code, notes, and snippets.

View zhaofengli's full-sized avatar

Zhaofeng Li zhaofengli

409 followers · 139 following
View GitHub Profile
@arianvp
arianvp / SSH_MACOS_SECURE_ENCLAVES.md
Last active December 6, 2025 16:17
Native Secure Enclaved backed ssh keys on MacOS

Native Secure Enclave backed ssh keys on MacOS

It turns out that MacOS Tahoe can generate and use secure-enclave backed SSH keys! This replaces projects like https://github.com/maxgoedjen/secretive

There is a shared library /usr/lib/ssh-keychain.dylib that traditionally has been used to add smartcard support to ssh by implementing PKCS11Provider interface. However since recently it also implements SecurityKeyProivder which supports loading keys directly from the secure enclave! SecurityKeyProvider is what is normally used to talk to FIDO2 devices (e.g. libfido2 can be used to talk to your Yubikey). However you can now use it to talk to your Secure Enclave instead!

@steven-michaud
steven-michaud / ThirdPartyKexts.md
Last active November 29, 2025 23:03
Running Third Party Kernel Extensions on Virtualization Framework macOS Guest VMs

Running Third Party Kernel Extensions on Virtualization Framework macOS Guest VMs

As of macOS 12 (Monterey), Apple's Virtualization framework has nice support for macOS guest virtual machines, but with severe limitations: For example you can't install a macOS guest on Intel Macs, install guests with newer versions of macOS than the host, copy and paste between the host and the guest, or install third party kernel extensions in the guest. As usual for Apple, the functionality they do support is nicely implemented, but they've left out so much that the result is only marginally useful -- at least compared to

@busybox11
busybox11 / twitterblue-nerd.js
Last active November 27, 2025 04:10
// ==UserScript==
// @name @chaoticvibing Twitter Blue Nerd - twitter.com
// @namespace Violentmonkey Scripts
// @match *://*.twitter.com/*
// @match *://*.x.com/*
// @grant none
// @version 1.9.2
// @author @chaoticvibing - GH @busybox11
// @description 11/9/2022, 11:45:28 PM
// @updateURL https://gist.githubusercontent.com/busybox11/53c76f57a577a47a19fab649a76f18e3/raw
@joepie91
joepie91 / no-your-cryptocurrency-cannot-work.md
Last active June 1, 2025 21:56
No, your cryptocurrency cannot work

No, your cryptocurrency cannot work

Whenever the topic of Bitcoin's energy usage comes up, there's always a flood of hastily-constructed comments by people claiming that their favourite cryptocurrency isn't like Bitcoin, that their favourite cryptocurrency is energy-efficient and scalable and whatnot.

They're wrong, and are quite possibly trying to scam you. Let's look at why.

What is a cryptocurrency anyway?

There are plenty of intricate and complex articles trying to convince you that cryptocurrencies are the future. They usually heavily use jargon and vague terms, make vague promises, and generally give you a sense that there must be something there, but you always come away from them more confused than you were before.

@saagarjha
saagarjha / library_injector.cpp
Last active November 26, 2025 14:30
Load a library into newly spawned processes (using DYLD_INSERT_LIBRARIES and EndpointSecurity)
// To compile: clang++ -arch x86_64 -arch arm64 -std=c++20 library_injector.cpp -lbsm -lEndpointSecurity -o library_injector,
// then codesign with com.apple.developer.endpoint-security.client and run the
// program as root.
#include <EndpointSecurity/EndpointSecurity.h>
#include <algorithm>
#include <array>
#include <bsm/libbsm.h>
#include <cstddef>
#include <cstdint>
@triffid
triffid / openrc-init-pia
Last active February 15, 2024 06:48
shell script for accessing PIA wireguard
#!/sbin/openrc-run
command="/root/bin/pia-wg.sh"
CONFIGDIR="${CONFIGDIR:-/var/cache/pia-wg}"
CONFIG="${CONFIG:-/etc/pia-wg/pia-wg.conf}"
extra_started_commands="reload"
depend() {
@AlinaNova21
AlinaNova21 / README.md
Last active June 22, 2021 21:01
Rancher 2.0, RKE, and some Raspberry Pi 3s

Kubernetes and Arm

Getting rke and Rancher setup to run kubernetes on arm is interesting. There is no official support yet via rancher, although there is interest and some work done towards those efforts. This is my attempt at getting a cluster of 3 Pis (2 3Bs and 1 3B+) provisioned and registered to a rancher 2 server.

Prep

I've successfully completed this both with Hypriot OS 1.9.0 and the arm64 builds https://github.com/DieterReuter/image-builder-rpi64 Both times I used the same basic cloud-init setup

@Jim-Bar
Jim-Bar / OnePlus_6.md
Last active November 13, 2024 03:46
OnePlus 6 - Stock Firmware
@ErikAugust
ErikAugust / spectre.c
Last active October 7, 2025 15:37
Spectre example code
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#ifdef _MSC_VER
#include <intrin.h> /* for rdtscp and clflush */
#pragma optimize("gt",on)
#else
#include <x86intrin.h> /* for rdtscp and clflush */
#endif
@arichardson
arichardson / CLion_Ninja.md
Last active January 25, 2024 15:23 — forked from nevkontakte/CLion_Ninja.md
Ninja support for CLion IDE

Ninja support for CLion IDE (working with newer versions of clion)

This script enables Ninja-powered builds in CLion IDE by wrapping around CMake, which it uses. See my blog post for details.

Disclaimer

This script is provided AS IS with no guarantees given or responsibilities taken by the author. This script relies on undocumented features of CLion IDE and may lead to instability of build and/or IDE. Use it on your own risk under WTFPL terms.