Skip to content

Instantly share code, notes, and snippets.

View danielweck's full-sized avatar
👀

Daniel Weck danielweck

👀
151 followers · 3 following
View GitHub Profile
@arianvp
arianvp / SSH_MACOS_SECURE_ENCLAVES.md
Last active February 11, 2026 23:50
Native Secure Enclaved backed ssh keys on MacOS

Native Secure Enclave backed ssh keys on MacOS

It turns out that MacOS Tahoe can generate and use secure-enclave backed SSH keys! This replaces projects like https://github.com/maxgoedjen/secretive

There is a shared library /usr/lib/ssh-keychain.dylib that traditionally has been used to add smartcard support to ssh by implementing PKCS11Provider interface. However since recently it also implements SecurityKeyProivder which supports loading keys directly from the secure enclave! SecurityKeyProvider is what is normally used to talk to FIDO2 devices (e.g. libfido2 can be used to talk to your Yubikey). However you can now use it to talk to your Secure Enclave instead!

@BertanT
BertanT / guide_macskeyinstaller.md
Last active February 10, 2026 14:35
macOS OpenSSH Client Patcher for Hardware Security Key Support (ED25519-SK With YubiKey Etc.)

🔐 macOS OpenSSH Patcher for Hardware Security Keys

Supports ED25519-SK with Yubikey and other FIDO2 hardware security keys!

🤔 Discussion

Despite being compiled to support hardware security keys that take advantage of the FIDO2 protocol, the built-in OpenSSH client on macOS Sonoma and above lacks the middleware/library to support these devices. To keep using the built-in client - which is often the most stable and secure method for SSH connections - we need to compile the Security Key Provider from OpenSSH source and tell the macOS client about it ourselves.

This script does all of that for you on both Apple Silicon and Intel Mac computers!

The script installs openssl and libfido2 along with the required build tools from Homebrew. It then clones the latest main branch of OpenSSH Portable and builds from it the Security Key Provider library: sk-libfido2.dylib. It finally moves the built library to /usr/local/lib/, modifies ~/.zshenv to expor

@smx-smx
smx-smx / XZ Backdoor Analysis
Last active January 23, 2026 19:13
[WIP] XZ Backdoor Analysis and symbol mapping
XZ Backdoor symbol deobfuscation. Updated as i make progress
@q3k
q3k / hashes.txt
Last active October 21, 2025 14:24
liblzma backdoor strings extracted from 5.6.1 (from a built-in trie)
0810 b' from '
0678 b' ssh2'
00d8 b'%.48s:%.48s():%d (pid=%ld)\x00'
0708 b'%s'
0108 b'/usr/sbin/sshd\x00'
0870 b'Accepted password for '
01a0 b'Accepted publickey for '
0c40 b'BN_bin2bn\x00'
06d0 b'BN_bn2bin\x00'
0958 b'BN_dup\x00'
@thesamesam
thesamesam / xz-backdoor.md
Last active January 9, 2026 08:45
xz-utils backdoor situation (CVE-2024-3094)

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Update: I've disabled comments as of 2025-01-26 to avoid everyone having notifications for something a year on if someone wants to suggest a correction. Folks are free to email to suggest corrections still, of course.

Background

@wesbos
wesbos / logger.js
Created January 8, 2024 15:55
console.log line numbers in Node.js
// Use like this: node --import logger.js yourapp.js
import path from 'path';
const { log } = console;
[`debug`, `log`, `warn`, `error`, `table`, `dir`].forEach((methodName) => {
const originalLoggingMethod = console[methodName];
console[methodName] = (...args) => {
const originalPrepareStackTrace = Error.prepareStackTrace;
Error.prepareStackTrace = (_, stack) => stack;
@guest271314
guest271314 / javascript_engines_and_runtimes.md
Last active February 2, 2026 22:31
A list of JavaScript engines, runtimes, interpreters

V8 is Google’s open source high-performance JavaScript and WebAssembly engine, written in C++. It is used in Chrome and in Node.js, among others. It implements ECMAScript and WebAssembly, and runs on Windows 7 or later, macOS 10.12+, and Linux systems that use x64, IA-32, ARM, or MIPS processors. V8 can run standalone, or can be embedded into any C++ application.

SpiderMonkey is Mozilla’s JavaScript and WebAssembly Engine, used in Firefox, Servo and various other projects. It is written in C++, Rust and JavaScript. You can embed it into C++ and Rust projects, and it can be run as a stand-alone shell. It can also be [compiled](https://bytecodealliance.org/articles/making-javascript-run-fast-on

@developit
developit / *Preact Root Fragment - replaceNode for Preact 11+.md
Last active July 16, 2025 12:27
MOVED: https://github.com/preactjs/preact-root-fragment

Note

This gist has graduated to a proper repo: preactjs/preact-root-fragment

preact-root-fragment: partial root rendering for Preact

This is a standalone Preact 10+ implementation of the deprecated replaceNode parameter from Preact 10.

It provides a way to render or hydrate a Preact tree using a subset of the children within the parent element passed to render():

@developit
developit / hydrate-root.js
Created September 24, 2021 16:22
import { h, hydrate } from 'preact';
let C = 0;
export function Root({ href, data, children }) {
let json = data && JSON.stringify(data);
let id = 'root:'+++C;
return [
h(`!--${id}--`),
children,
h('component-root', { href, id },
@winstonma
winstonma / Onyx Boox Image Extractor.md
Last active May 28, 2024 05:20
Onyx Boox Image Extractor

Onyx Boox Image extractor

This extractor runs on debian linux and allows you to read the image content without owning an Onyx Boox device

Running the script

Please use a Debian based linux device to run the script. Please follow the steps below:

  • Open the the table of supported device on the browser, and find the MODEL column of your desired device
  • Open download.sh, and replace DEVICE_NAME with your name of your desired device
  • Run download.sh