An ACME protocol client written purely in Shell (Unix shell) language.
Full ACME protocol implementation. Support ECDSA certs. Support SAN and wildcard certs. Simple, powerful and very easy to use. You only need 3 minutes to learn it. Bash, dash and sh compatible. Purely written in Shell with no dependencies on python. Self-contained, just one script is needed to issue, renew and install your certificates automatically. DOES NOT require root/sudoer access. Docker ready. IPv6 ready. Cron job notifications for renewal or error etc.

At the beginning of 2020, we discovered the Red Unlock technique that allows extracting Intel Atom Microcode. We were able to research the internal structure of the microcode and then x86 instruction implementation. Also, we recovered a format of microcode updates, algorithm and the encryption key used to protect the microcode.

This is the tools they used to take it apart.

Tool that tests MANY url bypasses to reach a 40X protected page. If you wonder why this code is nothing but a dirty curl wrapper, here's why:

• Most of the python requests do url/path/parameter encoding/decoding, and I hate this.
• If I submit raw chars, I want raw chars to be sent.
• If I send a weird path, I want it weird, not normalized.

This is surprisingly hard to achieve in python without loosing all of the lib goodies like parsing, ssl/tls encapsulation and so on. So, be like me, use curl as a backend, it's gonna be just fine.

The Log File Navigator, lnav for short, is an advanced log file viewer for the small-scale. It is a terminal application that can understand your log files and make it easy for you to find problems with little to no setup. Log messages from different files are collated together into a single view. Automatic detection of log format. Automatic decompression of GZip and BZip2 files. Filter log messages based on regular expressions. Use SQL to analyze your logs.

Even works with systemfail's journals.

Yopass is a project for sharing secrets in a quick and secure manner*. The sole purpose of Yopass is to minimize the amount of passwords floating around in ticket management systems, Slack messages and emails. The message is encrypted/decrypted locally in the browser and then sent to yopass without the decryption key which is only visible once during encryption, yopass then returns a one-time URL with specified expiry date.

There is no perfect way of sharing secrets online and there is a trade off in every implementation. Yopass is designed to be as simple and "dumb" as possible without compromising on security. There's no mapping between the generated UUID and the user that submitted the encrypted message. It's always best send all the context except password over another channel.

Messages can only be viewed once. Message can self-destruct automatically. No accounts or registration is required.

Has CLI functionality built in.

Uses memcached or redis as its back-end.

Public instance: https://yopass.se/

fq is inspired by the well known jq tool and language and allows you to work with binary formats the same way you would using jq. In addition it can present data like a hex viewer, transform, slice and concatenate binary data. It also supports nested formats and has an interactive REPL with auto-completion.

It was originally designed to query, inspect and debug media codecs and containers like mp4, flac, mp3, jpeg. Since then it has been extended to support a variety of formats like executables, packet captures (including TCP reassembly) and serialization formats like JSON, YAML, XML, ASN1 BER, Avro, CBOR, protobuf.

In summary it aims to be jq, hexdump, dd and gdb for files combined into one.

WarcDB is a an SQLite-based file format that makes web crawl data easier to share and query. It is based on the standardized Web ARChive format, used by web archivers.

pdfcpu is a PDF processing library written in Go supporting encryption. It provides both an API and a CLI. Supported are all versions up to PDF 1.7 (ISO-32000). The main focus lies on strong support for batch processing and scripting via a rich command line. At the same time pdfcpu wants to make it easy to integrate PDF processing into your Go based backend system by providing a robust command set.

xmppipe redirects stdin/stdout in a shell pipeline to an XMPP MUC (XEP-0045) or a one to one chat. Supports flow control using stream management (XEP-0198). Optionally deals with overload by acting as a circuit breaker or by discarding messages. Works with line oriented tools like grep, sed and awk by outputting each message as a newline terminated, percent-encoded string. xmppipe can be used in shell scripts to quickly write interactive bots for monitoring systems or for sending alerts.

Requires libstrophe.

A CLI stopwatch utility written as a self-contained shell script. Counts up, can save the last time value and resume at that point.

A countdown timer/stopwatch that runs in your terminal with nice, big ASCII numbers.

A port of the original iotop to C with additional features. Acts like top but for disk I/O. Good for keeping an eye on what's bogging your disk array down.

You can add a capability so that you don't need to be root to run it: sudo setcap 'cap_net_admin+eip' /path/to/iotop

Here's my command line: iotop -o -2 -6 -8

• -o - Only show processes that are currently doing I/O.
• -2 - Don't show the PRIO column, because I don't care about that.
• -6 - Don't show the SWAPIN column, because I don't care about that.
• -8 - Don't show the graph, because I want to see more of the command on the line.

In the AUR as iotop-c.

CLI utility for implementing bionic reading in a command shell.

Melody is a language that compiles to ECMAScript regular expressions, while aiming to be more readable and maintainable. This:

16 of "na";

2 of match {
  <space>;
  "batman";
}

turns into this: /(?:na){16}(?: batman){2}/

simple-homepage is a command line utility that helps you create a simple static homepage for your browser. The documentation can be found here.

flashrom is a utility for identifying, reading, writing, verifying and erasing flash chips. It is designed to flash BIOS/EFI/coreboot/firmware/optionROM images on mainboards, network/graphics/storage controller cards, and various other programmer devices. Supports more than 476 flash chips, 291 chipsets, 500 mainboards, 79 PCI devices, 17 USB devices and various parallel/serial port-based programmers. Supports parallel, LPC, FWH and SPI flash interfaces and various chip packages. No physical access needed, root access is sufficient (for mainboards, presumably).

A better, faster and stronger spiritual successor to BZip2. Features higher compression ratios and better performance thanks to a order-0 context mixing entropy coder, a fast Burrows-Wheeler transform code making use of suffix arrays and a RLE with Lempel Ziv+Prediction pass based on LZ77-style string matching and PPM-style context modeling.

Like its ancestor, BZip3 excels at compressing text or code.

In the AUR.

Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, tshark, p0f, etc.). It also performs very well at a lot of other specific tasks that most other tools can’t handle, like sending invalid frames, injecting your own 802.11 frames, combining technics (VLAN hopping+ARP cache poisoning, VOIP decoding on WEP encrypted channel, …), etc.

Scapy runs natively on Linux, Windows, OSX and on most Unixes with libpcap (see scapy’s installation page). The same code base now runs natively on both Python 2 and Python 3.

doggo is a modern command-line DNS client (like dig) written in Golang. It outputs information in a neat concise manner and supports protocols like DoH, DoT and DNSCrypt as well. It's totally inspired from dog which is written in Rust. I wanted to add some features to it but since I don't know Rust, I found it as a nice opportunity to experiment with writing a DNS Client from scratch. Human-readable output, optional JSON output. Multiple transport protocols. Supports multiple resolvers at once, IPv4 and IPv6 simultaneously.

In the AUR.

Python 3 tooling to retrieve data from Axon Body Cams. This code should work for first and second generation non-online models.