azet

# this: `/etc/logrotate.d/grsec`.
/var/log/messages /var/log/syslog /var/log/kern.log {
    daily
    rotate 14
    missingok
    notifempty
    compress
}

x0rz

# Usage: ./dns_check.py <list_of_domain_names.txt>
import dns.resolver
import requests
import re
import json
import sys

resolver = dns.resolver.Resolver()
resolver.timeout = 5
resolver.lifetime = 5

atoponce

Cryptographic Best Practices

Putting cryptographic primitives together is a lot like putting a jigsaw puzzle together, where all the pieces are cut exactly the same way, but there is only one correct solution. Thankfully, there are some projects out there that are working hard to make sure developers are getting it right.

The following advice comes from years of research from leading security researchers, developers, and cryptographers. This Gist was [forked from Thomas Ptacek's Gist][1] to be more readable. Additions have been added from

Alliages

#
# elevation: A very simple python script that get elevation from latitude and longitude with google maps API by Guillaume Meunier
# 
# -----------------------------------
# NO DEPENDANCIES except JSON and URLLIB
# -----------------------------------
# 
# Copyright (c) 2016, Guillaume Meunier <alliages@gmail.com> 
# GEOJSON_export is free software; you can redistribute it and/or modify 
# it under the terms of the GNU General Public License as published 

bridgeythegeek

My First PANDA

Introduction

Being someone who tries to play a lot with Windows memory, I really wanted to play with PANDA, but I was slightly scared because I'd never touched qemu before - all my experience had been with VirtualBox and VMware.

My goal was to install PANDA into a (relatively) clean install of Debian 8 'Jessie', capture a recording and successfully run a PANDA plugin.

1. Get PANDA

alirobe

### 
###
### UPDATE: For Win 11, I recommend using this tool in place of this script: 
### https://christitus.com/windows-tool/
### https://github.com/ChrisTitusTech/winutil
### https://www.youtube.com/watch?v=6UQZ5oQg8XA
### iwr -useb https://christitus.com/win | iex
###
###

dchest

// randomString(length)
// --------------------
// 
// Generates and returns a cryptographically secure
// uniform alphanumeric random string.
//
// Examples:
//
//  randomString(14) // "oXYWpc1vODNR3M"
//  randomString.hex(8) // "663c722b65943b9b"

joepie91

Don't use VPN services.

No, seriously, don't. You're probably reading this because you've asked what VPN service to use, and this is the answer.

Note: The content in this post does not apply to using VPN for their intended purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does.

• A Russian translation of this article can be found here, contributed by Timur Demin.
• A Turkish translation can be found here, contributed by agyild.
• There's also this article about VPN services, which is honestly better written (and has more cat pictures!) than my article.

paragonie-scott

Hello software developers,

Please check your code to ensure you're not making one of the following mistakes related to cryptography.

I. General Mistakes

• Writing your own home-grown cryptography primitives (For example: Mifare Classic)
  • Exception: For the sake of learning, but don't deploy it in production.
• Using a fast hash function (e.g. MD5, SHA256) for storing passwords. Use bcrypt instead.
• Not using a cryptographically secure random number generator

mcnees

/* Install the Stylish extension for your browser, then add this code
as a new Style. Make sure it applies to the domain 'twitter.com' */

/* You can get Stylish here: */
/* Safari - http://sobolev.us/stylish/ */
/* Chrome - https://chrome.google.com/webstore/detail/stylish/fjnbnpbmkenffdnngjfgmeleoegfcffe */

/* Tweet improvements, comments, or corrections to @mcnees. */

/* Thanks to: @pbausch, @mathowie, @blakestacey, @ukuleledan and others! */