Mæve Rey m-rey

Sieve Scripting Cheat Sheet

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

🗺️ OSM - self host the entire planet 🌎 in ~30 minutes 🚀

TL;DR

mkdir osm
wget -O osm/planet.mbtiles https://hidrive.ionos.com/api/sharelink/download?id=SYEgScrRe
podman run -ti --rm -p 9000:9000 --name sms -v $(pwd)/osm/:/data/ registry.gitlab.com/markuman/sms:latest
firefox http://localhost:9000

🖥️ See Demo

3.5 fps, Paperwhite 3
@adtac_

step 1: jailbreak your Kindle

mobileread.com is your best resource here, follow the instructions from the LanguageBreak thread

I didn't really follow the LanguageBreak instructions because I didn't care about most of the features + I was curious to do it myself, but the LanguageBreak github repo was invaluable for debugging

PDF tools for comparing PDFs visually (overlaying two PDFs to see changed areas) and using a perceptual hash (numerical value indicating visual difference between the two files).

Useful for command line review of PDFs and de-duplication. Configure git to use these tools for better PDF history / comparison in git.

These scripts require imagemagick and poppler. Both installed from homebrew.

Setup git to use a custom diff using:

	Uppercase -> lowercase -> uppercase:
	İ i̇ İ LATIN CAPITAL LETTER I WITH DOT ABOVE -> LATIN SMALL LETTER I, COMBINING DOT ABOVE -> LATIN CAPITAL LETTER I, COMBINING DOT ABOVE
	Ω ω Ω OHM SIGN -> GREEK SMALL LETTER OMEGA -> GREEK CAPITAL LETTER OMEGA
	ẞ ß SS LATIN CAPITAL LETTER SHARP S -> LATIN SMALL LETTER SHARP S -> LATIN CAPITAL LETTER S, LATIN CAPITAL LETTER S
	K k K KELVIN SIGN -> LATIN SMALL LETTER K -> LATIN CAPITAL LETTER K
	Å å Å ANGSTROM SIGN -> LATIN SMALL LETTER A WITH RING ABOVE -> LATIN CAPITAL LETTER A WITH RING ABOVE
	ϴ θ Θ GREEK CAPITAL THETA SYMBOL -> GREEK SMALL LETTER THETA -> GREEK CAPITAL LETTER THETA

	Lowercase -> uppercase -> lowercase:
	ῗ Ϊ͂ ῗ GREEK SMALL LETTER IOTA WITH DIALYTIKA AND PERISPOMENI -> GREEK CAPITAL LETTER IOTA, COMBINING DIAERESIS, COMBINING GREEK PERISPOMENI -> GREEK SMALL LETTER IOTA, COMBINING DIAERESIS, COMBINING GREEK PERISPOMENI

	/*
	Copyright (c) 2024 Rendello

	Permission to use, copy, modify, and/or distribute this software for any
	purpose with or without fee is hereby granted.

	THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
	REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
	AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
	INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM

	{
	"luckyBangUrl": "https://kagi.com/search?q=!+%q",
	"siteFormat": "site:%d",
	"orOperator": "OR",
	"bangPrefix": "!",
	"luckyBang": "!",
	"siteBangSep": "@",
	"superLuckyBangPrefix": "!!",
	"multiBangDelim": ";",
	"multiSiteBangDelim": ",",