april

#!/usr/bin/env zsh

# patched versions for CVE-2023-4863: 22.3.24, 24.8.3, 25.8.1, 26.2.1
mdfind "kind:app" 2>/dev/null | sort -u | while read app;
do
  filename="$app/Contents/Frameworks/Electron Framework.framework/Electron Framework"
  if [[ -f $filename ]]; then
    echo "App Name:          $(basename ${app})"

    electronVersion=$(strings "$filename" | grep "Chrome/" | grep -i Electron | grep -v '%s' | sort -u | cut -f 3 -d '/')

sneakers-the-rat

# --------------------------------------------------------------------
# Recursively find pdfs from the directory given as the first argument, 
# otherwise search the current directory.
# Use exiftool and qpdf (both must be installed and locatable on $PATH) 
# to strip all top-level metadata from PDFs.
#
# Note - This only removes file-level metadata, not any metadata
# in embedded images, etc. 
#
# Code is provided as-is, I take no responsibility for its use,

SwitHak

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

• If you want to add a link, comment or send it to me
• Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

• Royce Williams list sorted by vendors responses Royce List
• Very detailed list NCSC-NL
• The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List

darconeous

Tesla Key Card Protocol

Researched by Robert Quattlebaum darco@deepdarc.com.

Last updated 2020-02-03.

byjg

// This will open up a prompt for text to send to a console session on digital ocean
//  Useful for long passwords
(function () {        
    window.sendString = function (str) {
        f(str.split(""));
        function f(t) {
            var character = t.shift();
            var i=[];
            var code = character.charCodeAt();
            var needs_shift = character.match(/[A-Z!@#$%^&*()_+{}:\"<>?~|]/);

btcdrak

Quick GPG Smartcard Guide

We will generate a master key with only the Certify capability and three subkeys with each of the Sign, Encrypt and Authenticate capabilities. These latter three keys are meant for daily use and will be transferred to an OpenPGP smartcard, which has three corresponding slots. The master private key can then be moved to offline cold storage, or stored on a second smartcard.

We are generating keys on a secure computer instead of on the card, because it allows more flexibility. Ideally this means a machine running Tails or one that is air-gapped and not connected to the internet.

This guide assumes that if you want to sign other peoples keys, then you will require the aforementioned secondary smartcard with your master key stored in its Signature slot, or if you only have one smartcard, then you'll have to fetch the master key out of cold storage. By default, GPG generates a master key with the Certify and

croepha

// This will open up a prompt for text to send to a console session on digital ocean
//  Useful for long passwords
(function () {        
        var t = prompt("Enter text to be sent to console, (This wont send the enter keystroke)").split("");
        function f() {
                
                var character = t.shift();
                var i=[];
                var code = character.charCodeAt();
                var needs_shift = "!@#$%^&*()_+{}:\"<>?~|".indexOf(character) !== -1

willurd

Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.

Discussion on reddit.

Python 2.x

$ python -m SimpleHTTPServer 8000