Skip to content

Instantly share code, notes, and snippets.

🤔
?

Lense Lense

🤔
?
View GitHub Profile
@roycewilliams
roycewilliams / hashcat-markov-ends.txt
Last active Feb 3, 2020
A survey of the last string tried by hashcat's Markov for standard masks
View hashcat-markov-ends.txt
$ cat hashcat-markov-ends.sh
#!/bin/bash
# Ref: https://github.com/hashcat/hashcat/issues/1058
echo "# A survey of the last string tried by hashcat's Markov for standard masks"
echo -n '# hashcat version: '
hashcat --version
[ -f hashcat-markov-ends.list ] && rm hashcat-markov-ends.list
@Lense
Lense / fix_bold.diff
Last active Oct 12, 2019
Updated for st 0.8.2 commit 2b8333f553c14c15398e810353e192eb05938580
View fix_bold.diff
diff --git a/x.c b/x.c
index 5828a3b..ace044f 100644
--- a/x.c
+++ b/x.c
@@ -116,8 +116,6 @@ typedef struct {
int width;
int ascent;
int descent;
- int badslant;
- int badweight;
View killgdb.c
#include <elf.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>
// killgdb.c - prevent an elf from being loaded by gdb.
// Jeffrey Crowell <crowell [at] bu [dot] edu>
//
// $ objcopy --only-keep-debug program program.debug
@bnagy
bnagy / gpgmutt.md
Last active Jun 15, 2020
Mutt, Gmail and GPG
View gpgmutt.md

GPG / Mutt / Gmail

About

This is a collection of snippets, not a comprehensive guide. I suggest you start with Operational PGP.

Here is an incomplete list of things that are different from other approaches:

  • I don't use keyservers. Ever.
  • Yes, I use Gmail instead of some bespoke hipster freedom service
@kennwhite
kennwhite / vpn_psk_bingo.md
Last active May 29, 2020
Most VPN Services are Terrible
View vpn_psk_bingo.md

Most VPN Services are Terrible

Short version: I strongly do not recommend using any of these providers. You are, of course, free to use whatever you like. My TL;DR advice: Roll your own and use Algo or Streisand. For messaging & voice, use Signal. For increased anonymity, use Tor for desktop (though recognize that doing so may actually put you at greater risk), and Onion Browser for mobile.

This mini-rant came on the heels of an interesting twitter discussion: https://twitter.com/kennwhite/status/591074055018582016

@ShikChen
ShikChen / reg_ex.py
Created Apr 20, 2015
PlaidCTF 2015 REG EX
View reg_ex.py
import itertools
import re
import z3
base = 'plaidctf'
r = open('regex_57f2cf49f6a354b4e8896c57a4e3c973.txt').read().strip()
s = re.search(r'\((.*)\)', r).group(1)
s = s.split('|')[3:]
s = [re.findall(r'(.*?)\[(.*?)\]', it) for it in s]
View cloudflare_challenge
I wasn't first to get the key. Nor was I second, third, or even fourth. I'm probably not even the
10th to get it (ok, looks like I was the 8th.) But I'm happy that I was able to prove to myself
that I too could do it.
First, I have to admit I was a skeptic. Like the handful of other dissenters, I had initially
believed that it would be highly improbable under normal conditions to obtain the private key
through exploiting Heartbleed. So this was my motivation for participating in Cloudflare's
challenge. I had extracted a lot of other things with Heartbleed, but I hadn't actually set out to
extract private keys. So I wanted to see first-hand if it was possible or not.
@datagrok
datagrok / gist:2199506
Last active Jan 7, 2020
Virtualenv's `bin/activate` is Doing It Wrong
View gist:2199506
You can’t perform that action at this time.