Skip to content

Instantly share code, notes, and snippets.

View khcrysalis's full-sized avatar
🍊

SAMSAM khcrysalis

🍊
662 followers · 29 following
View GitHub Profile
@dhinakg
dhinakg / serial.md
Created December 15, 2025 18:27
Getting serial on modern Macs

Getting serial on modern Macs

Modern devices default to serial output over DockChannel by default, which is why macvdmtool serial doesn't work. In order to use legacy UART:

On the target device:

  1. Disable SIP
  2. Disable boot-arg filtering
  3. Set the following boot args:
  • serial=3 (or serial=7 or whatever)
@stephancasas
stephancasas / Process+InteractiveEscalation.swift
Created June 27, 2024 00:25
Synchronously prompt the user for permission to dispatch a new privilege-escalated Process.
//
// Process+InteractiveEscalation.swift
//
//
// Created by Stephan Casas on 6/26/24.
//
import Foundation;
import OSAKit;
@Dziurwa14
Dziurwa14 / spy.pet accounts
Last active June 28, 2025 19:29
[
"928350122843193385",
"1185047194261274665",
"956202276408688650",
"956104664821157918",
"1185047092478095443",
"1185046791826178099",
"1185047045413797898",
"928483283698851901",
"1185047444619284641",
@usagimaru
usagimaru / HiddenMacOSDebuggingPanel.md
Last active October 22, 2025 07:21
Enables useful debugging panel in macOS apps

Use _NS_4445425547 or NS🐞 for enables debuggging panel. When enabled it, a ladybug 🐞 menu appears in the app menu bar.

“4445425547” means DEBUG in Unicode table.

0x44=D
0x45=E
0x42=B
0x55=U
0x47=G

@0xdevalias
0xdevalias / reverse-engineering-macos.md
Last active January 8, 2026 04:01
Some notes, tools, and techniques for reverse engineering macOS binaries
@dlevi309
dlevi309 / DLMobileGestaltSPI-alternate.h
Last active December 25, 2025 18:44
/*
* Copyright (C) 2023 Daniel Levi
*
* Alternate version
*
*/
#pragma once
#include <CoreFoundation/CoreFoundation.h>
@Saik0s
Saik0s / convert.sh
Last active November 26, 2025 01:36
This shell script converts a Google Chrome extension into a Safari web extension. It prints all available extensions, prompts the user for the chrome extension path and desired name, converts and builds safari extension for macOS, and opens the built app.
#!/bin/zsh
ext_root_path=~/Library/Application\ Support/Google/Chrome/Default/Extensions
find "$ext_root_path" -name "manifest.json" -print0 | while IFS= read -r -d '' file; do echo "\033[1;33m$file\033[0m"; echo "-----------------"; cat "$file" | nl -n ln | GREP_COLOR='01;30' grep --color=always '.*'; echo "-----------------"; done
# Prompt the user for the working directory path which is chrome extension root
read -p "Enter the chrome extension path(for example difoiogjjojoaoomphldepapgpbgkhkb/2.7.7_0): " workdir
# Prompt the user for the result app name
read -p "Enter the desired app name: " app_name
@stephancasas
stephancasas / CustomMenuBarExtraCornerMask.swift
Last active October 5, 2025 21:39
A SwiftUI MenuBarExtra window with custom corners
//
// MenuBarTestApp.swift
// MenuBarTest
//
// Created by Stephan Casas on 7/7/23.
//
import SwiftUI
@main
@osy
osy / JBX-0001.md
Created May 19, 2022 04:49
Secure jailbreak infrastructure

Secure jailbreak infrastructure

  • Proposal: JBX-0001
  • Authors: osy
  • Status: draft

Introduction

The ecosystem of iOS [jailbreaks][1] has remained largely unchanged since iOS 1.0 even though the system internals of iOS has undergone several evolutions, enhancing security and enabling new features. iOS jailbreaks traditionally involves neutering a significant portion of the OS's security in order to enable unsigned code execution ("apps") and system modifications ("tweaks"). This allows [malware][2] to target jailbroken users and for misbehaving apps to corrupt data.

@rmorey
rmorey / gen.sh
Created August 17, 2021 19:58
List of Uniform Type Identifiers
/System/Library/Frameworks/CoreServices.framework/Frameworks/LaunchServices.framework/Versions/A/Support/lsregister -dump | grep uti: | cut -c 29- | sort | uniq > utis.txt