Skip to content

Instantly share code, notes, and snippets.

View MUWASEC's full-sized avatar
🧩
still alive

muwa00 MUWASEC

🧩
still alive
33 followers · 60 following
View GitHub Profile
@Jiab77
Jiab77 / simple-multi-threaded-php-web-server.md
Last active June 27, 2024 21:24
An easy way to start the embedded PHP web server with the multi-thread option enabled or simulated when necessary.
@ammarfaizi2
ammarfaizi2 / mem.c
Last active April 28, 2021 16:43
Experiment to replace malloc(3)/calloc(3)/realloc(3)/free(3) with custom allocator 32 byte aligned.
// SPDX-License-Identifier: GPL-2.0
/*
* Experiment to replace malloc(3)/calloc(3)/realloc(3)/free(3) with custom
* allocator 32 byte aligned.
*
* @author Ammar Faizi <ammarfaizi2@gmail.com> https://www.facebook.com/ammarfaizi2
* @license GPL-2.0
*
* gcc -Wall -Wextra -O3 -shared -fPIC mem.c -o mem.so
* LD_PRELOAD=$(pwd)/mem.so your_program
@eSkiSo
eSkiSo / install_oci8_ubuntu20_php7.4.md
Last active March 25, 2025 19:49
Install OCI8 (Oracle) in Ubuntu 20 with PHP 7.4
@nckroy
nckroy / eran-hammer-oauth2-rant-20120726.md
Created January 21, 2021 00:15
OAuth 2.0 and the Road to Hell

(Scraped from the Internet Wayback Machine. Original content by Eran Hammer / hueniverse.com July 26, 2012)

OAuth 2.0 and the Road to Hell

They say the road to hell is paved with good intentions. Well, that’s OAuth 2.0.

Last month I reached the painful conclusion that I can no longer be associated with the OAuth 2.0 standard. I resigned my role as lead author and editor, withdraw my name from the specification, and left the working group. Removing my name from a document I have painstakingly labored over for three years and over two dozen drafts was not easy. Deciding to move on from an effort I have led for over five years was agonizing.

There wasn’t a single problem or incident I can point to in order to explain such an extreme move. This is a case of death by a thousand cuts, and as the work was winding down, I’ve found myself reflecting more and more on what we actually accomplished. At the end, I reached the conclusion that OAuth 2.0 is a bad

@zmb3
zmb3 / static_cgo.md
Last active February 21, 2025 14:23
Compile static binaries for Go programs that leverage Cgo.

In order to compile a fully static binary when using Cgo you'll need to link in a C library like musl.

I find it convenient to have a Docker image ready for building these artifacts.

FROM golang
RUN wget https://musl.libc.org/releases/musl-1.2.5.tar.gz && \
   tar -xzf musl-1.2.5.tar.gz && \
   cd musl-1.2.5 && \
 ./configure --enable-static --disable-shared &amp;&amp; \
@n4sm
n4sm / auto_unpacker.py
Last active September 20, 2025 09:36
Juste a simple auto unpacker for elf binaries which is using qiling: https://kernemporium.github.io/articles/en/auto_unpacking/m.html
#!/usr/bin/python3
# /*
# * ----------------------------------------------------------------------------
# * "THE BEER-WARE LICENSE" (Revision 42):
# * n4sm wrote this file. As long as you retain this notice you
# * can do whatever you want with this stuff. If we meet some day, and you think
# * this stuff is worth it, you can buy me a beer in return Poul-Henning Kamp
# * ----------------------------------------------------------------------------
# * /
@hkraw
hkraw / butterfly_expl.py
Last active February 12, 2024 22:59
#!/usr/bin/python3
from pwn import *
from past.builtins import xrange
from time import sleep
from IO_FILE import *
import random
####Addr
leak_offset = 0x1b39e7
system = 0x4f4e0
@GregaVrbancic
GregaVrbancic / arch-xrdp-config.sh
Created July 17, 2020 09:54
#!/bin/bash
#
# This script is for Arch Linux to configure XRDP for enhanced session mode
#
# The configuration is adapted from the Ubuntu 16.04 script.
#
# Script adapted from https://github.com/microsoft/linux-vm-tools
#
@plembo
plembo / DisableMFAForAADUser.md
Last active June 6, 2025 21:27
Disable MFA for an individual Azure AD User

Disabling MFA for an Azure AD User

Azure AD MFA is not enabled by default for AAD and Microsoft 365 users, but it will be if during setup an admin chooses to Enable Security Defaults on Azure AD (as most will when prompted to do so: after all, who in their right mind wouldn't require MFA?).

However, there are situations where being able to toggle MFA on or off for a particular user can be useful. For example, in a development or test tenant when working with sample code from Microsoft that doesn't account for MFA (like a simple Microsoft Graph console app). This procedure involves disabling Security Defaults on AAD.

@xpn
xpn / azuread_decrypt_msol_v2.ps1
Last active December 9, 2025 04:25
Updated method of dumping the MSOL service account (which allows a DCSync) used by Azure AD Connect Sync
Write-Host "AD Connect Sync Credential Extract v2 (@_xpn_)"
Write-Host "`t[ Updated to support new cryptokey storage method ]`n"
$client = new-object System.Data.SqlClient.SqlConnection -ArgumentList "Data Source=(localdb)\.\ADSync2019;Initial Catalog=ADSync"
try {
$client.Open()
} catch {
Write-Host "[!] Could not connect to localdb..."
return