Skip to content

Instantly share code, notes, and snippets.

9kopb 9kopb

Block or report user

Report or block 9kopb

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@vavkamil
vavkamil / blind-xss-cloudflare-worker.js
Last active Oct 1, 2019
Serverless Blind XSS hunter with Cloudflare Worker
View blind-xss-cloudflare-worker.js
addEventListener("fetch", event => {
event.respondWith(handleRequest(event.request))
})
////////////////////////////////////////////////////////////////////////////////////////////////////
// ! DON'T LEAK THE SECRETS !
// Use Workers KV if you can https://developers.cloudflare.com/workers/reference/storage/
const telegram_token = "*****REDACTED*****";
const telegram_url = "https://api.telegram.org/bot" + telegram_token + "/sendMessage";
View How to use GitHub Gists for publishing articles.md

How To Use GitHub Gists For Publishing Articles

GitHub Gists may be used not only for code snippets sharing but as a publishing platform for your articles.

Features And Restrictions Of GitHub Gists

Each gist is a git repo with restrictions and features:

  • You can't create folders in any branch of the repo.
  • Each file in the master branch larger than 1MB risks to be truncated so you can't add zip archive to master. But you may keep additional large files at another branches which can't be viewed on the gist page.
  • If you want to use images in your article but wish non-embedded images to be hidden on the gist page then you may keep them in non-master branch and reference by ./<id of your gist>/raw/<commit hash>/foobar.jpg.
View Why to Ignore Russian Internet Laws.md

Why to Ignore Russian Internet Laws

There is internet censorship in Russia. VPNs and internet providers are required to install into their networks Revizor, a device that checks that censored sites can't be accessed from their network. They are also required to install SORM (wiki/SORM, another wiki) to help Russian special services to analyse traffic and track users.

If you have or are going to have internet business in Russia I call you to ignore all the demands to install SORM and Revizor into your network. Also don't move personal data to Russia. If you can't avoid complying to these demands then just don't have your business in Russia at all.

Please, don't invest in Cheburnet (autonomous Russian internet that can be easily isolated and abusively censored without any collateral damage). Cheburnet is built to help the Kremlin in power usurpation.

The Reasons

View Бойкот «ВКонтакте» и Mail.Ru Group.md

Эту статью также можно прочитать на medium.com.


Бойкот «ВКонтакте» и Mail.Ru Group

@pugson
pugson / bookmarklet.js
Last active Oct 9, 2019
Open in Notion App (Bookmarklet)
View bookmarklet.js
javascript:(function()%7Bvar%20url%20%3D%20window.location.href%3Bvar%20trimmed%20%3D%20url.slice(5)%3Bwindow.location.href%20%3D%20%60notion%24%7Btrimmed%7D%60%7D)()
@Kmaschta
Kmaschta / generate-self-signed-certificate-with-custom-CA.md
Created Jan 9, 2019
How to generate a self-signed that is valid for your browser (by creating your custom certificate authority)
View generate-self-signed-certificate-with-custom-CA.md

If you're using self-signed certificate for your web server on development, you might know the browser warning saying that your certificate isn't valid. If like me you had manually added an exception for this certificate error each time it showed up, this gist is for you.

Properly Configure OpenSSL with your DNS aliases

You'll have to create a self-signed certificate with a custom SubjectAltName.

  1. Find your openssl config. find /usr/lib -name openssl.cnf
View testpool.js
// ==UserScript==
// @name Pixel Bot
// @namespace https://tampermonkey.net/
// @version 3.0
// @description try to take over the world!
// @author Flyink13, igoose
// @match https://pixel.vkforms.ru/*
// @grant none
// ==/UserScript==
@ihciah
ihciah / README.MD
Last active Oct 9, 2019
A reverse proxy for Telegram Bot API on Aliyun Function Compute / Cloudflare Workers
View README.MD

A reverse proxy for Telegram Bot API on Aliyun Function Compute / Cloudflare Workers

To help users in China mainland access telegram api stably and conveniently with low cost, this script maybe the one you need.

The server-less means you don't have to run a server to proxy the requests, just pay as you go.

Usage

Edit key_prefix, set it to the prefix of you bot address(like /bot563441998:) can avoid abusing.

View fiddle.html
Open the console to see the output of this example.
@dotcypress
dotcypress / telegram-login.js
Created Feb 24, 2018
Telegram authorization data checker
View telegram-login.js
const { createHash, createHmac } = require('crypto')
function checkSignature (token, { hash, ...data }) {
const secret = createHash('sha256')
.update(token)
.digest()
const checkString = Object.keys(data)
.sort()
.map(k => `${k}=${data[k]}`)
.join('\n')
You can’t perform that action at this time.