Averroes

rem USE AT OWN RISK AS IS WITHOUT WARRANTY OF ANY KIND !!!!!
rem https://technet.microsoft.com/en-us/itpro/powershell/windows/defender/set-mppreference
rem To also disable Windows Defender Security Center include this
rem reg add "HKLM\System\CurrentControlSet\Services\SecurityHealthService" /v "Start" /t REG_DWORD /d "4" /f
rem 1 - Disable Real-time protection
reg delete "HKLM\Software\Policies\Microsoft\Windows Defender" /f
reg add "HKLM\Software\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /t REG_DWORD /d "1" /f
reg add "HKLM\Software\Policies\Microsoft\Windows Defender" /v "DisableAntiVirus" /t REG_DWORD /d "1" /f
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\MpEngine" /v "MpEnablePus" /t REG_DWORD /d "0" /f
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableBehaviorMonitoring" /t REG_DWORD /d "1" /f

Averroes

o-o.preferred.ams03t04.v7.cache3.googlevideo.com
r10.sn-25ge7n76.googlevideo.com
r10---sn-25ge7n76.googlevideo.com
r10.sn-25ge7n7d.googlevideo.com
r10---sn-25ge7n7d.googlevideo.com
r10.sn-25ge7n7e.googlevideo.com
r10---sn-25ge7n7e.googlevideo.com
r10.sn-25ge7n7k.googlevideo.com
r10---sn-25ge7n7k.googlevideo.com
r10.sn-25ge7n7l.googlevideo.com

Averroes

${ctx:loginId}
${map:type}
${filename}
${date:MM-dd-yyyy}
${docker:containerId}
${docker:containerName}
${docker:imageName}
${env:USER}
${event:Marker}
${mdc:UserId}

Averroes

## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories

http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key

Averroes

! name: Brave Averroes
! description: Boost My Gist.
! public: false
! author: Averroes

$boost=1,site=github.com
$boost=1,site=hackerone.com
$boost=1,site=bugreader.com
$boost=1,site=portswigger.net
$boost=1,site=vk9-sec.com

Averroes

# to generate your dhparam.pem file, run in the terminal
openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048

Averroes

exFAT support on macOS seems to have some bugs because my external drives with exFAT formatting will randomly get corrupted.

Disk Utility is unable to repair this at first, but the fix is this:

1. Use diskutil list to find the right drive id.
2. You want the id under the IDENTIFIER column, it should look like disk1s1
3. Run sudo fsck_exfat -d <id from above>. eg sudo fsck_exfat -d disk1s3
4. -d is debug so you'll see all your files output as they're processed.
5. Answer YES if it gives you the prompt Main boot region needs to be updated. Yes/No?

Averroes

In August 2007 a hacker found a way to expose the PHP source code on facebook.com. He retrieved two files and then emailed them to me, and I wrote about the issue:

http://techcrunch.com/2007/08/11/facebook-source-code-leaked/

It became a big deal:

http://www.techmeme.com/070812/p1#a070812p1

The two files are index.php (the homepage) and search.php (the search page)

Averroes

## IPv6 Tests
http://[::ffff:169.254.169.254]
http://[0:0:0:0:0:ffff:169.254.169.254]

## AWS 
# Amazon Web Services (No Header Required)
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]

Averroes

CVE-2019-8331

Bootstrap < 3.4.1 || < 4.3.1

✔️ CSP strict-dynamic bypass

➖ Requires user interaction

➖ Requires $('[data-toggle="tooltip"]').tooltip();