Pinout.xyz
mitmproxy
Pinout.xyz | mitmproxy | |
---|---|---|
48 | 153 | |
677 | 34,857 | |
0.9% | 1.5% | |
4.8 | 9.4 | |
about 1 month ago | 3 days ago | |
HTML | Python | |
GNU General Public License v3.0 or later | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Pinout.xyz
-
The Pinouts Book: Pinout functions for 130 commonly used components
Obligatory shameless plug of https://pinout.xyz where I’ve been maintaining an interactive Raspberry Pi SBC pinout for some years, and the newer https://pico.pinout.xyz where I’ve tried to do the same for the Raspberry Pi Pico board. The latter also became a command-line pinout via the Python package “picopins”
I feel- and of course I’m biased- that if anything is worth bringing to the table for device pinouts it’s interactivity and accessibility. The latter, in particular, is lost in static images. I really leaned into this with the Pico Pinout, including everything from visual accessibility accommodations (avoiding low contrast text background colours), to markup for screen readers to the ability to turn off labels and reduce noise. I’m still unsure if I actually achieved my goal, but it’s been fun.
-
Q: KS0212 4 port relay interface to the Raspberry Pi
There is a great resource to be found at pinout.xyz that details a lot of boards and the pins they actually use.
-
Network and dual WAN monitor
All the LEDs have their negative pins together and go through two 1k resistors in series on their way to ground (any gpio ground pin). Then a short piece of jumper wire goes from the positive lead of each LED to it's GPIO pin number. Don't use the pin order number, use the GPIO number.
-
Show HN: An accessible, beautiful Raspberry Pi Pico pinout
I wanted to create an accessible alternative to the official Pico pinout image, offering more complete pin details, light/dark modes, screen-readable text, and at least some capacity to focus on the peripherals you’re interested in. It’s a sister site to the now ancient Raspberry Pi pinout (https://pinout.xyz/) which started out life hosted on a Raspberry Pi.
-
Setting up "Adafruit SHT-30 Mesh-protected Weather-proof Temperature/Humidity Sensor" with Raspberry Pi
GPIO PIN numbers - its a real pain with both board and BCM numbers (see pinout.xyz for details) without having to translate what the libraries use by default!
-
My Star64 displays nothing on the HDMI-connected screen
The pins are at top right corner here: https://pinout.xyz/ and you just connect TX to RX, RX to TX and GND to GND. On the software side you can use picocom on the builtin serial device. Not sure which though, seems to depend on the software and exact revision of your RPi.
- Ask HN: Most interesting tech you built for just yourself?
-
Wiring buttons to GPIO pins
You can see all the pins on the pin documented at https://pinout.xyz
-
Connecting a pico-enabled screen on a PI4?
Use pinout.xyz to see what pins are used for the SPI interface on your Pi.
-
need help with first time useing
You have mixed up the PIN numbers - the Pi has two sets on numbers (board and BCM) - see here for details
mitmproxy
-
Apple's M4 Has Reportedly Adopted the ARMv9 Architecture
Mainly this was just myself getting irritated at MS Teams and trying to figure out what it was doing. It was a couple years ago and my current company doesn't use teams, thankfully, so I can't really see if its still valid.
From what I remember..
There are files on the disk that get updated/overwritten with pulls from the server every time it launches. Somewhere in AppData I think. A few of these are config files (with lots of interesting looking settings, including beta features).
One of the config entries specifies a telemetry endpoint (which, you _could_ figure out with a network tracing tool but there are a ton of MS telemetry endpoints your machine is probably talking to. Best to just grab the one explicitly being used from the config like this). I forget the full name of the setting but the name pretty clearly indicates its for telemetry, and the file is clearly a config file. If you can't find it just by browsing the structure, try a multi-file search tool and look for 'telemetry' or URL/hostnames.
You can't really change the value on disk and make it just take effect from there, since it gets downloaded from the server and overwritten before Teams loads. There might be some tricks you can do locally to persist the change but nothing seemed to work for me. You could override response from server via mitmproxy but that requires finding where it comes across the wire at launch time and then building a script/config to replace it.
Anyway, you can block that telemetry endpoint from a firewall and see your memory bloat. Or you can intercept that endpoint in any mitm proxy. I went with this [mitmproxy](https://mitmproxy.org/). From there you can capture the content it sends to the endpoint, or even change the response the server sends (Teams just seems to expect a 200 code back).
The telemetry data itself is some kind of streaming event format. I think I even found documentation on the structure on some microsoft website, so its likely a reused format.
It's pretty straightforward.
I couldn't spend too much time on it and now it's not something I even use, but some cool things you might want to try if you dive deeper into this:
- Overwrite the config file as it returns from the server, to turn on EU data protection, change various functionality you're not supposed to, or flip some feature flags.
- Figure out if there's a feature flag or even other overwrite to fully disable the metrics so they aren't even collected, from anywhere in the app.
- Intercept telemetry, return an 'OK' response and drop the data from telemetry, or maybe document what they collect more definitively if you think there's interest somewhere. This keeps your privacy but doesn't really do anything for performance.
- Interfere with the data before actually returning it, maybe try playing with event contents and channel/user indicators. Microsoft probably won't like this if they notice, but it's unlikely they'll even notice.
- Ask HN: Fiddler Alternatives
- Bruno
-
AirBnb Wifi Safety Precaution needed?
This statement gives a false sense of security. You can use a transparent proxy, like mitmproxy, to view HTTPS traffic - https://mitmproxy.org/. https://reedmideke.github.io/networking/2021/01/04/mitmproxy-openwrt.html
-
WORKING tutorial on how to enable iOS voice chat RIGHT NOW
You'll need to install mitmproxy and set it up on your computer and iOS. I won't go into too much detail here on how to do this, but there are plenty of guides available. This is a pretty good one: https://nadav.ca/2021/02/26/inspecting-an-iphone-s-https-traffic/
-
mitmproxy VS petep - a user suggested alternative
2 projects | 3 Oct 2023
-
Upside-Down-Ternet (2006)
TIL this goes back to 2006, how cool! We nowadays have a much simpler version as a mitmproxy example: https://github.com/mitmproxy/mitmproxy/blob/main/examples/ad.... Although it obviously does not work as well anymore with everything being HTTPS nowadays (unless you trust the cert of course). :)
-
Ask Dang: What Has Happened with HN's HTTPS Recently?
Perhaps you could have your device use a proxy that can do the HTTPS unwrap for you? https://mitmproxy.org/ maybe?
-
How to implement SSL/TLS pinning in Node.js
A great way to test the effectiveness of a pinning implementation is by simulating an MITM attack. Tools like Mitmproxy or Wireshack allow us to create a test environment to monitor, intercept, and proxy network requests for a test host.
- Evading JavaScript Anti-Debugging Techniques
What are some alternatives?
PiSugar - PiSugar is a battery module for Raspberry Pi zero / zero W / zero WH
Wireshark - Read-only mirror of Wireshark's Git repository at https://gitlab.com/wireshark/wireshark. ⚠️ GitHub won't let us disable pull requests. ⚠️ THEY WILL BE IGNORED HERE ⚠️ Upload them at GitLab instead.
Dropbox-Uploader - Dropbox Uploader is a BASH script which can be used to upload, download, list or delete files from Dropbox, an online file sharing, synchronization and backup service.
Shadowrocket-ADBlock-Rules - 提供多款 Shadowrocket 规则,带广告过滤功能。用于 iOS 未越狱设备选择性地自动翻墙。
distributions - NodeSource Node.js Binary Distributions
bettercap - The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.
pisugar-case-pihat-cap - PiHat caps designed for PiSugar case. 配合PiSugar外壳以及各类PiHat使用的盖子。
sslstrip - A tool for exploiting Moxie Marlinspike's SSL "stripping" attack.
alpine-raspberry-pi - Alpine Linux System Install for RPI 2, 3 and 4
IOXY - MQTT intercepting proxy
ghidra - Ghidra is a software reverse engineering (SRE) framework
ZAP - The ZAP core project