Hero Image
Articles

Pokemon Emerald in WebAssembly(https://github.com/tripplyons/pokeemerald-wasm) Github wxt: Next-gen Web Extension Framework Skills for threat modeling, scanning, triage, patching, plus an autonomous scanning harness you can /customize A curated list of awesome 3D printing resources hermes-agent: It’s the only agent with a built-in learning loop - it creates skills from experience, improves them during use, nudges itself to persist knowledge, searches its own past conversations, and builds a deepening model of who you are across sessions. Run it on a $5 VPS, a GPU cluster, or serverless infrastructure that costs nearly nothing when idle. It’s not tied to your laptop - talk to it from Telegram while it works on a cloud VM. loupe: A privacy-focused iOS app that raises awareness about what native apps can see(https://apps.apple.com/cn/app/loupe-app%E8%83%BD%E7%9C%8B%E5%88%B0%E4%BB%80%E4%B9%88/id6766152470) LaunchNext: Bring your Launchpad back in MacOS26+ ,highly customizable, powerful, free. endlessh: SSH tarpit that slowly sends an endless banner iptables-tracer: Trace packets as they go through iptables chains serverless-dns: The RethinkDNS resolver that deploys to Cloudflare Workers, Deno Deploy, Fastly, and Fly.io ouch: stands for Obvious Unified Compression Helper. It’s a CLI tool for compressing and decompressing various formats.(https://github.com/ouch-org/ouch#supported-formats) shpool: shpool is a service that enables session persistence by allowing the creation of named shell sessions owned by shpool so that the session is not lost if the connection drops. shpool can be thought of as a lighter weight alternative to tmux or GNU screen. While tmux and screen take over the whole terminal and provide window splitting and tiling features, shpool only provides persistent sessions. The biggest advantage of this approach is that shpool does not break native scrollback or copy-paste. capslock: is a capability analysis CLI for Go packages that informs users of which privileged operations a given package can access. This works by classifying the capabilities of Go packages by following transitive calls to privileged standard library operations. unregistry: Push docker images directly to remote servers without an external registry NetNewsWire is a free and open-source feed reader for macOS and iOS. It supports RSS, Atom, JSON Feed, and RSS-in-JSON formats. K4YT3X’s Hardened & Optimized Linux Kernel Parameters Turso is an in-process SQL database, compatible with SQLite. zizmor is a static analysis tool for GitHub Actions. RustFS is a high-performance, distributed object storage system built in Rust. Usage: is a spec and CLI for defining CLI tools. Arguments, flags, environment variables, and config files can all be defined in a Usage spec. It can be thought of like OpenAPI (swagger) for CLIs. SurfSense: An open source, privacy focused alternative to NotebookLM for teams with no data limits. ICANN implementation of the Registry Data Access Protocol (RDAP) OpenRDAP is a command line RDAP client implementation in Go. Article 1-Click GitHub Token Stealing via a VSCode Bug Linux 系统误将 chmod 权限改成 了 000,如何恢复? Laptops all have built-in security tokens these days Tailscale and RustDesk: Secure remote access to all your desktops Unexpected security footguns in Go’s parsers 君子慎讀 辭典中標注的「讀音」和「語音」是什麼? 拜託別再「我汗你」了! Linux 系统误将 chmod 权限改成 了 000,如何恢复? #include <sys/stat.h> int main() { chmod("/usr/bin/chmod", 0755); return 0; } ubuntu@ubuntu:~$ which chmod /usr/bin/chmod ubuntu@ubuntu:~$ ls -lh /usr/bin/chmod lrwxrwxrwx 1 root root 8 Sep 27 2025 /usr/bin/chmod -> gnuchmod ubuntu@ubuntu:~$ ls -lh /usr/bin/gnuchmod -rwxr-xr-x 1 root root 67K Jan 23 21:34 /usr/bin/gnuchmod ubuntu@ubuntu:~$ sudo chmod 000 /usr/bin/chmod ubuntu@ubuntu:~$ ls -lh /usr/bin/chmod lrwxrwxrwx 1 root root 8 Sep 27 2025 /usr/bin/chmod -> gnuchmod ubuntu@ubuntu:~$ ls -lh /usr/bin/gnuchmod ---------- 1 root root 67K Jan 23 21:34 /usr/bin/gnuchmod ubuntu@ubuntu:~$ cat main.c #include <sys/stat.h> int main() { chmod("/usr/bin/chmod", 0755); return 0; } ubuntu@ubuntu:~$ gcc ./main.c ubuntu@ubuntu:~$ sudo ./a.out ubuntu@ubuntu:~$ ls -lh /usr/bin/chmod lrwxrwxrwx 1 root root 8 Sep 27 2025 /usr/bin/chmod -> gnuchmod ubuntu@ubuntu:~$ ls -lh /usr/bin/gnuchmod -rwxr-xr-x 1 root root 67K Jan 23 21:34 /usr/bin/gnuchmod Laptops all have built-in security tokens these days macOS https://github.com/yubico/libfido2

Wednesday, June 10, 2026 Read
Hero Image
Mosdns-X

Mosdns-X Make DNS faster and cleaner on Linux: Deploy Mosdns-X install bash <(curl -sL https://raw.githubusercontent.com/lidebyte/bashshell/refs/heads/main/mosdns-x-manager.sh) config sudo tee /etc/mosdns-x/config.yaml > /dev/null <<'EOF' # mosdns-x concurrent query (no split routing) config log: level: info file: /var/log/mosdns-x/mosdns-x.log plugins: # Cache plugin - tag: cache type: cache args: size: 1024 lazy_cache_ttl: 1800 # Concurrent upstreams: take the first usable answer - tag: forward_all type: fast_forward args: upstream: # AliDNS - addr: "udp://223.5.5.5" - addr: "tls://dns.alidns.com" # DNSPod / doh.pub - addr: "udp://119.29.29.29" - addr: "tls://dot.pub" # Cloudflare - addr: "udp://1.1.1.1" - addr: "tls://cloudflare-dns.com" # Google - addr: "udp://8.8.8.8" - addr: "tls://dns.google" # Main pipeline: small cache -> concurrent selection - tag: main type: sequence args: exec: - cache - forward_all # Listen on dual-stack UDP/TCP 53 servers: - exec: main listeners: - addr: :53 protocol: udp - addr: :53 protocol: tcp EOF systemd sudo tee /etc/systemd/system/mosdns.service > /dev/null <<'EOF' [Unit] Description=Mosdns-X DNS Accelerator After=network.target [Service] Type=simple User=root Group=root ExecStart=/usr/local/bin/mosdns-x start --as-service -d /usr/local/bin -c /etc/mosdns-x/config.yaml Restart=always RestartSec=5 StandardOutput=journal StandardError=journal SyslogIdentifier=mosdns [Install] WantedBy=multi-user.target EOF sudo systemctl daemon-reload sudo systemctl enable --now mosdns # Backup system DNS sudo cp -n /etc/resolv.conf /etc/resolv.conf.mosdns-backup # Switch to local Mosdns-X echo -e "nameserver 127.0.0.1\noptions edns0" | sudo tee /etc/resolv.conf # If port 53 is occupied by systemd-resolved, disable it sudo systemctl disable --now systemd-resolved 2>/dev/null || true # If you also want to lock it (prevent DHCP changes), run chattr too: echo -e "nameserver 127.0.0.1\n" > /etc/resolv.conf && chattr +i /etc/resolv.conf # Check process status sudo systemctl status mosdns --no-pager # Test resolution speed (second run should hit cache) dig +stats www.google.com dig +stats www.baidu.com # View logs in real time tail -f /var/log/mosdns-x/mosdns-x.log

Sunday, November 9, 2025 Read
Hero Image
What happens after you type a URL in the browser and press Enter?

What happens after you type a URL in the browser and press Enter?

Sunday, July 18, 2021 Read
Hero Image
Install PowerDNS and PowerDNS-Admin on Ubuntu 22.04|20.04|18.04

Install PowerDNS and PowerDNS-Admin on Ubuntu 22.04|20.04|18.04 Master-Master PowerDNS with Galera Replication https://www.scaleway.com/en/docs/installing-powerdns-server-on-ubuntu-bionic/ Install PowerDNS $ sudo apt update $ sudo apt install mariadb-server -y $ sudo mysql -u root CREATE DATABASE powerdns; GRANT ALL ON powerdns.* TO 'powerdns'@'localhost' IDENTIFIED BY 'Str0ngPasswOrd'; FLUSH PRIVILEGES; USE powerdns; CREATE TABLE domains ( id INT AUTO_INCREMENT, name VARCHAR(255) NOT NULL, master VARCHAR(128) DEFAULT NULL, last_check INT DEFAULT NULL, type VARCHAR(6) NOT NULL, notified_serial INT UNSIGNED DEFAULT NULL, account VARCHAR(40) CHARACTER SET 'utf8' DEFAULT NULL, PRIMARY KEY (id) ) Engine=InnoDB CHARACTER SET 'latin1'; CREATE UNIQUE INDEX name_index ON domains(name); CREATE TABLE records ( id BIGINT AUTO_INCREMENT, domain_id INT DEFAULT NULL, name VARCHAR(255) DEFAULT NULL, type VARCHAR(10) DEFAULT NULL, content VARCHAR(64000) DEFAULT NULL, ttl INT DEFAULT NULL, prio INT DEFAULT NULL, change_date INT DEFAULT NULL, disabled TINYINT(1) DEFAULT 0, ordername VARCHAR(255) BINARY DEFAULT NULL, auth TINYINT(1) DEFAULT 1, PRIMARY KEY (id) ) Engine=InnoDB CHARACTER SET 'latin1'; CREATE INDEX nametype_index ON records(name,type); CREATE INDEX domain_id ON records(domain_id); CREATE INDEX ordername ON records (ordername); CREATE TABLE supermasters ( ip VARCHAR(64) NOT NULL, nameserver VARCHAR(255) NOT NULL, account VARCHAR(40) CHARACTER SET 'utf8' NOT NULL, PRIMARY KEY (ip, nameserver) ) Engine=InnoDB CHARACTER SET 'latin1'; CREATE TABLE comments ( id INT AUTO_INCREMENT, domain_id INT NOT NULL, name VARCHAR(255) NOT NULL, type VARCHAR(10) NOT NULL, modified_at INT NOT NULL, account VARCHAR(40) CHARACTER SET 'utf8' DEFAULT NULL, comment TEXT CHARACTER SET 'utf8' NOT NULL, PRIMARY KEY (id) ) Engine=InnoDB CHARACTER SET 'latin1'; CREATE INDEX comments_name_type_idx ON comments (name, type); CREATE INDEX comments_order_idx ON comments (domain_id, modified_at); CREATE TABLE domainmetadata ( id INT AUTO_INCREMENT, domain_id INT NOT NULL, kind VARCHAR(32), content TEXT, PRIMARY KEY (id) ) Engine=InnoDB CHARACTER SET 'latin1'; CREATE INDEX domainmetadata_idx ON domainmetadata (domain_id, kind); CREATE TABLE cryptokeys ( id INT AUTO_INCREMENT, domain_id INT NOT NULL, flags INT NOT NULL, active BOOL, content TEXT, PRIMARY KEY(id) ) Engine=InnoDB CHARACTER SET 'latin1'; CREATE INDEX domainidindex ON cryptokeys(domain_id); CREATE TABLE tsigkeys ( id INT AUTO_INCREMENT, name VARCHAR(255), algorithm VARCHAR(50), secret VARCHAR(255), PRIMARY KEY (id) ) Engine=InnoDB CHARACTER SET 'latin1'; CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm); $ sudo systemctl disable systemd-resolved $ sudo systemctl stop systemd-resolved $ ls -lh /etc/resolv.conf lrwxrwxrwx 1 root root 39 Jul 24 15:50 /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf $ sudo unlink /etc/resolv.conf $ echo "nameserver 8.8.8.8" | sudo tee /etc/resolv.conf Add official PowerDNS repository for Ubuntu 22.04|20.04|18.04.

Friday, September 25, 2020 Read