Skip to content

Instantly share code, notes, and snippets.

View 9kopb's full-sized avatar
💎
xyu.foundation

9kopb 9kopb

💎
xyu.foundation
View GitHub Profile
@vavkamil
vavkamil / blind-xss-cloudflare-worker.js
Last active November 2, 2023 14:43
Serverless Blind XSS hunter with Cloudflare Worker
addEventListener("fetch", event => {
event.respondWith(handleRequest(event.request))
})
////////////////////////////////////////////////////////////////////////////////////////////////////
// ! DON'T LEAK THE SECRETS !
// Use Workers KV if you can https://developers.cloudflare.com/workers/reference/storage/
const telegram_token = "*****REDACTED*****";
const telegram_url = "https://api.telegram.org/bot" + telegram_token + "/sendMessage";
@ilyaigpetrov
ilyaigpetrov / How to use GitHub Gists for publishing articles.md
Last active December 16, 2023 01:26
How to publish articles as GitHub Gists 🐙 https://git.io/gistpub | by https://git.io/ilyaigpetrov

How To Use GitHub Gists For Publishing Articles

GitHub Gists may be used not only for code snippets sharing but as a publishing platform for your articles.

Features And Restrictions Of GitHub Gists

Each gist is a git repo with restrictions and features:

  • You can't create folders in any branch of the repo.
  • Each file in the master branch larger than 1MB risks to be truncated so you can't add zip archive to master. But you may keep additional large files at another branches which can't be viewed on the gist page.
  • If you want to use images in your article but wish non-embedded images to be hidden on the gist page then you may keep them in non-master branch and reference by .//raw//foobar.jpg.
@ilyaigpetrov
ilyaigpetrov / Why to Ignore Russian Internet Laws.md
Last active April 30, 2024 17:17
Fight Cheburnet 🔥 https://git.io/fight-cheburnet ⬤(●🢑●)⬤ | by https://git.io/ilyaigpetrov

Why to Ignore Russian Internet Laws

There is internet censorship in Russia. VPNs and internet providers are required to install into their networks Revizor, a device that checks that censored sites can't be accessed from their network. They are also required to install SORM (wiki/SORM, another wiki) to help Russian special services to analyse traffic and track users.

If you have or are going to have internet business in Russia I call you to ignore all the demands to install SORM and Revizor into your network. Also don't move personal data to Russia. If you can't avoid complying to these demands then just don't have your business in Russia at all.

Please, don't invest in Cheburnet (autonomous Russian internet that can be easily isolated and abusively censored without any collateral damage). Cheburnet is built to help the Kremlin in power usurpation.

The Reasons

@thomasdavis
thomasdavis / resume.json
Last active May 6, 2024 16:38
https://registry.jsonresume.org/thomasdavis
{
"meta": {
"theme": "elegant"
},
"basics": {
"name": "Thomas Davis",
"label": "Web Developer",
"image": "https://avatars0.githubusercontent.com/u/416209?s=460&u=38f220a2c9c658141804f881c334c594eb1642ac&v=4",
"summary": "I'm a full stack web developer who can build apps from the ground up. I've worked mostly at startups so I am used to wearing many hats. I am a very product focused developer who prioritizes user feedback first and foremost. I'm generally very flexible when investigating new roles. ",
"website": "https://lordajax.com",
@ilyaigpetrov
ilyaigpetrov / Бойкот Mail.Ru Group.md
Last active August 25, 2021 08:39
Бойкот «ВКонтакте» и Mail.Ru Group | https://git.io/boycott-vk | by https://git.io/ilyaigpetrov

Эту статью также можно прочитать на medium.com.

Бойкот «ВКонтакте» и Mail.Ru Group

Mail.Ru Group защищает власть от недовольных Mail.Ru Group защищает власть от недовольных
@Kmaschta
Kmaschta / generate-self-signed-certificate-with-custom-CA.md
Created January 9, 2019 14:43
How to generate a self-signed that is valid for your browser (by creating your custom certificate authority)

If you're using self-signed certificate for your web server on development, you might know the browser warning saying that your certificate isn't valid. If like me you had manually added an exception for this certificate error each time it showed up, this gist is for you.

Properly Configure OpenSSL with your DNS aliases

You'll have to create a self-signed certificate with a custom SubjectAltName.

  1. Find your openssl config. find /usr/lib -name openssl.cnf
@ec0type
ec0type / fresh.sh
Created November 2, 2018 17:40
#!/bin/bash
macchanger -s eth0
macchanger -r eht0
echo "## Add" >> /etc/tor/torrc
echo "## " >> /etc/tor/torrc
echo "##" >> /etc/tor/torrc
echo "ExitNodes {nl},{pa},{ru}" >> /etc/tor/torrc
echo "StrictExitNodes 1" >> /etc/tor/torrc
@SevereCloud
SevereCloud / testpool.js
Last active February 18, 2021 22:48
// ==UserScript==
// @name Pixel Bot
// @namespace https://tampermonkey.net/
// @version 3.0
// @description try to take over the world!
// @author Flyink13, igoose
// @match https://pixel.vkforms.ru/*
// @grant none
// ==/UserScript==
@ihciah
ihciah / README.MD
Last active February 2, 2024 00:08
A reverse proxy for Telegram Bot API on Aliyun Function Compute / Cloudflare Workers

A reverse proxy for Telegram Bot API on Aliyun Function Compute / Cloudflare Workers

To help users in China mainland access telegram api stably and conveniently with low cost, this script maybe the one you need.

The server-less means you don't have to run a server to proxy the requests, just pay as you go.

Usage

Edit key_prefix, set it to the prefix of you bot address(like /bot563441998:) can avoid abusing.

anonymous
anonymous / fiddle.html
Created March 16, 2018 17:05
(source: http://jsfiddle.net/9kopb/dcpbs0g2/)
Open the console to see the output of this example.