diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 2f6a2b26c..32c7142b9 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -198,6 +198,8 @@ jobs:
 pypi:
 runs-on: ubuntu-latest
 if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags')
+ permissions:
+ id-token: write
 needs: test
 steps:
 - name: Download artifacts
@@ -207,10 +209,7 @@ jobs:
 path: dist
 - name: Publish package
- uses: pypa/gh-action-pypi-publish@v1.1.0
- with:
- user: __token__
- password: ${{ secrets.pypi_password }}
+ uses: pypa/gh-action-pypi-publish@release/v1
 - if: failure()
 run: ls -R
diff --git a/pwnlib/commandline/disasm.py b/pwnlib/commandline/disasm.py
index e4ab12e05..78e69b904 100644
--- a/pwnlib/commandline/disasm.py
+++ b/pwnlib/commandline/disasm.py
@@ -82,9 +82,9 @@ def main(args):
 instrs = disasm(dat, vma=safeeval.const(args.address), byte=False, offset=False)
 # instrs = highlight(instrs, PwntoolsLexer(), TerminalFormatter())
+ highlight_bytes = lambda t: ''.join(map(lambda x: x.replace('00', text.red('00')).replace('0a', text.red('0a')), group(2, t)))
 for o,b,i in zip(*map(str.splitlines, (offsets, bytes, instrs))):
- b = b.replace('00', text.red('00'))
- b = b.replace('0a', text.red('0a'))
+ b = ' '.join(highlight_bytes(bb) for bb in b.split(' '))
 i = highlight(i.strip(), PwntoolsLexer(), TerminalFormatter()).strip()
 i = i.replace(',',', ')
diff --git a/pwnlib/elf/elf.py b/pwnlib/elf/elf.py
index 28b34af3e..9053a1a2b 100644
--- a/pwnlib/elf/elf.py
+++ b/pwnlib/elf/elf.py
@@ -225,7 +225,7 @@ def __init__(self, path, checksec=True):
 super(ELF,self).__init__(self.mmap)
 #: :class:`str`: Path to the file
- self.path = os.path.abspath(path)
+ self.path = packing._need_text(os.path.abspath(path))
 #: :class:`str`: Architecture of the file (e.g. ``'i386'``, ``'arm'``).
 #:
diff --git a/pwnlib/libcdb.py b/pwnlib/libcdb.py
index dd18da3a1..98f51ad2d 100644
--- a/pwnlib/libcdb.py
+++ b/pwnlib/libcdb.py
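Review bot: In .github/workflows/ci.yml the publish step now references `pypa/gh-action-pypi-publish@release/v1`, a branch ref that can move, inside the one job that is granted `id-token: write`; whatever that branch points to at release time runs with the ability to obtain the OIDC token PyPI trusts. Pin the action to a full commit SHA and keep the branch name as a comment, e.g. `uses: pypa/gh-action-pypi-publish@<full-commit-sha>  # release/v1` (placeholder), and let a dependency updater bump it. Binding the job to a protected deployment environment with `environment: <environment-name>` (placeholder), and naming that environment in the PyPI trusted-publisher entry, would further narrow which runs can publish. The job-level `permissions:` block added in the first hunk is the right scope for the token and needs no change.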
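Review bot: In pwnlib/commandline/disasm.py the new `highlight_bytes` is a nested lambda bound to a name, which is hard to read and does not say why it exists: presumably the hex column has to be matched per two-character byte group so that a `00` or `0a` straddling two adjacent bytes is no longer coloured. A small named helper with a one-line comment states that directly, e.g. `def highlight_bytes(t): return ''.join(text.red(x) if x in ('00', '0a') else x for x in group(2, t))`. `group` is not imported within the hunk, so confirm it is in scope in this module. `main` starts and ends outside the hunk.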
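Review bot: In pwnlib/elf/elf.py `self.path` is now always converted to text, but nothing visible in the hunk documents that `path` may be passed as bytes or how it is decoded. `packing._need_text` is defined outside this diff; if it decodes with a fixed encoding, a bytes path containing bytes that are invalid in that encoding would presumably either raise or produce a `self.path` that no longer names the file on disk, so a test with such a file name is worth adding. A comment above the assignment such as `# normalise bytes paths to text so self.path is always str` would record the intent. `__init__` starts and ends outside the hunk.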
@@ -25,7 +25,9 @@ log = getLogger(__name__)
 HASHES = ['build_id', 'sha1', 'sha256', 'md5']
-DEBUGINFOD_SERVERS = ['https://debuginfod.elfutils.org/']
+DEBUGINFOD_SERVERS = [
+ 'https://debuginfod.elfutils.org/',
+]
 if 'DEBUGINFOD_URLS' in os.environ:
 urls = os.environ['DEBUGINFOD_URLS'].split(' ')
@@ -206,20 +208,18 @@ def unstrip_libc(filename):
 :const:`True` if binary was unstripped, :const:`False` otherwise.
 Examples:
- >>> filename = search_by_build_id('2d1c5e0b85cb06ff47fa6fa088ec22cb6e06074e', unstrip=False)
+ >>> filename = search_by_build_id('69389d485a9793dbe873f0ea2c93e02efaa9aa3d', unstrip=False)
 >>> libc = ELF(filename)
- >>> hex(libc.symbols.read)
- '0xe56c0'
 >>> 'main_arena' in libc.symbols
 False
 >>> unstrip_libc(filename)
 True
 >>> libc = ELF(filename)
 >>> hex(libc.symbols.main_arena)
- '0x1d57a0'
+ '0x219c80'
 >>> unstrip_libc(which('python'))
 False
- >>> filename = search_by_build_id('06a8004be6e10c4aeabbe0db74423ace392a2d6b', unstrip=True)
+ >>> filename = search_by_build_id('d1704d25fbbb72fa95d517b883131828c0883fe9', unstrip=True)
 >>> 'main_arena' in ELF(filename).symbols
 True
 """
diff --git a/pwnlib/shellcraft/templates/mips/mov.asm b/pwnlib/shellcraft/templates/mips/mov.asm
index 0bc0ece0c..28e3c77fe 100644
--- a/pwnlib/shellcraft/templates/mips/mov.asm
+++ b/pwnlib/shellcraft/templates/mips/mov.asm
@@ -69,7 +69,7 @@ if not dst.startswith('$'):
 log.error("Registers must start with $")
 return
-if isinstance(src, str) and dst.startswith('$') and dst not in registers.mips:
+if isinstance(dst, str) and dst.startswith('$') and dst not in registers.mips:
 log.error("Unknown register %r" % dst)
 return
diff --git a/pwnlib/tubes/ssh.py b/pwnlib/tubes/ssh.py
index eab27a57b..cd06f344d 100644
--- a/pwnlib/tubes/ssh.py
+++ b/pwnlib/tubes/ssh.py
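Review bot: In pwnlib/shellcraft/templates/mips/mov.asm the corrected condition still carries two tests that the preceding check makes redundant: the `if not dst.startswith('$')` shown at the top of the hunk already calls `dst.startswith` unguarded and returns when it is false, so by this line `dst` is a string starting with `$`. The check could read `if dst not in registers.mips:`. If `dst` can really be a non-string, the `isinstance` guard belongs before the first `startswith` call instead, where it would prevent an attribute error. The enclosing template code starts and ends outside the hunk.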
@@ -1633,7 +1633,7 @@ def upload_dir(self, local, remote=None):
 remote: Remote directory
 """
- remote = remote or self.cwd
+ remote = packing._encode(remote or self.cwd)
 local = os.path.expanduser(local)
 dirname = os.path.dirname(local)
@@ -1654,7 +1654,7 @@ def upload_dir(self, local, remote=None):
 remote_tar = self.mktemp('--suffix=.tar.gz')
 self.upload_file(local_tar, remote_tar)
- untar = self.run('cd %s && tar -xzf %s' % (remote, remote_tar))
+ untar = self.run(b'cd %s && tar -xzf %s' % (sh_string(remote), sh_string(remote_tar)))
 message = untar.recvrepeat(2)
 if untar.wait() != 0:
diff --git a/pwnlib/util/web.py b/pwnlib/util/web.py
index 28e089350..7e98b67ae 100644
--- a/pwnlib/util/web.py
+++ b/pwnlib/util/web.py
@@ -25,7 +25,7 @@ def wget(url, save=None, timeout=5, **kwargs):
 Example:
- >>> url = 'https://httpbingo.org/robots.txt'
+ >>> url = 'https://httpbingo.org/robots.txt'
 >>> result = wget(url, timeout=60)
 >>> result
 b'User-agent: *\nDisallow: /deny\n'
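Review bot: In pwnlib/tubes/ssh.py the second upload_dir hunk now quotes both paths with `sh_string`, which takes care of shell metacharacters, but a `remote` value that begins with `-` is still parsed by `cd` as an option rather than a directory. Ending option parsing closes that gap: `untar = self.run(b'cd -- %s && tar -xzf %s' % (sh_string(remote), sh_string(remote_tar)))`. The bytes format string also requires both arguments to be bytes on Python 3; `remote` is encoded in the first hunk, but `remote_tar` comes from `self.mktemp` and the return types of `mktemp` and `sh_string` are not visible here, so confirm them or pass `remote_tar` through `packing._encode` as well. The docstring line `remote: Remote directory` could note that both str and bytes are accepted. upload_dir starts and ends outside both hunks.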