Skip to content

Instantly share code, notes, and snippets.

Alain O'Dea AlainODea

Block or report user

Report or block AlainODea

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@AlainODea
AlainODea / DocumentBuilderFactory_XXE_mitigation.md
Last active Jan 30, 2019
DocumentBuilderFactory that mitigates XXE using OWASP guidance
View DocumentBuilderFactory_XXE_mitigation.md

Recommended mitigation:

Replace this dangerous code:

DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.isIgnoringElementContentWhitespace();
DocumentBuilder builder = factory.newDocumentBuilder();
@AlainODea
AlainODea / w.tf
Created Dec 18, 2018
A Terraform module that cannot be constructed (Error: module "WTF": missing required argument "version")
View w.tf
variable "version" {}
@AlainODea
AlainODea / main.tf
Last active Sep 26, 2018
Terraform: Codacy Enterprise infrastructure bootstrap
View main.tf
output "primary_vpc_id" {
value = "${data.aws_vpc.primary.id}"
}
output "private_a_subnet_id" {
value = "${data.aws_subnet.private_a.id}"
}
output "web_proxy_sg_id" {
value = "${data.aws_security_group.web_proxy.id}"
@AlainODea
AlainODea / main.tf
Created Sep 22, 2018
Terraform: Latest Amazon Linux 2 encrypted AMI
View main.tf
resource "aws_ami_copy" "amazon-linux-2-encrypted" {
name = "${data.aws_ami.amazon-linux-2.name}-encrypted"
description = "${data.aws_ami.amazon-linux-2.description} (encrypted)"
source_ami_id = "${data.aws_ami.amazon-linux-2.id}"
source_ami_region = "${var.region}"
encrypted = true
tags {
ImageType = "encrypted-amzn2-linux"
}
@AlainODea
AlainODea / main.tf
Last active Feb 27, 2019
Terraform: Latest Ubuntu 18.04 LTS encrypted AMI
View main.tf
resource "aws_ami_copy" "ubuntu-18_04-encrypted" {
name = "${data.aws_ami.ubuntu-18_04.name}-encrypted"
description = "${data.aws_ami.ubuntu-18_04.description} (encrypted)"
source_ami_id = "${data.aws_ami.ubuntu-18_04.id}"
source_ami_region = "${var.region}"
encrypted = true
tags {
ImageType = "encrypted-ubuntu-18_04"
}
@AlainODea
AlainODea / main.tf
Last active Sep 22, 2018
Terraform: Latest Ubuntu 16.04 LTS encrypted AMI
View main.tf
resource "aws_ami_copy" "ubuntu-16_04-encrypted" {
name = "${data.aws_ami.ubuntu-16_04.name}-encrypted"
description = "${data.aws_ami.ubuntu-16_04.description} (encrypted)"
source_ami_id = "${data.aws_ami.ubuntu-16_04.id}"
source_ami_region = "${var.region}"
encrypted = true
tags {
ImageType = "encrypted-ubuntu-16_04"
}
@AlainODea
AlainODea / what-is-my-ip.html
Created Aug 4, 2018
CORS from file:// origin
View what-is-my-ip.html
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>What is my IP?</title>
<script type="text/javascript">
function reqListener () {
var response = JSON.parse(this.responseText);
document.getElementById("ip").innerText =
'Your public IP is ' + response.origin;
@AlainODea
AlainODea / urlencoded-base64-decoded.html
Created Aug 1, 2018
Local web page that can decode URL-encoded Base64-encoded content (like SAMLResponse)
View urlencoded-base64-decoded.html
<!DOCTYPE html>
<html>
<head>
<title>URL Encoded Base 64 Decoder</title>
<script type="text/javascript">
function decode() {
var urlDecoded = decodeURIComponent(document.getElementById('urlencoded-base64-input').value);
var base64Decoded = atob(urlDecoded);
var encodedStr = base64Decoded.replace(/[\u00A0-\u9999<>\&]/gim, function(i) {
return '&#' + i.charCodeAt(0) + ';';
@AlainODea
AlainODea / config
Created Jul 26, 2018
Multi-level SSH proxying and selective host key trust
View config
ServerAliveInterval 60
# bastions are permanent or semi-permanent
# connections should be minimized
# host key changes should not be accepted (pre-populate known_hosts with them)
Host *-bastion
ControlMaster auto
ControlPath /Users/your.username/.ssh/tmp/%h_%p_%r
StrictHostKeyChecking yes
@AlainODea
AlainODea / salesforce.example.com
Last active Jul 5, 2018
Nginx redirect server for Okta Apps by CNAME
View salesforce.example.com
server{
server_name salesforce.example.com;
rewrite ^/(.*) https://example.okta.com/app/salesforce/exkabcdef123451t7/sso/saml permanent;
}
You can’t perform that action at this time.