Skip to content

Instantly share code, notes, and snippets.

View Shosta's full-sized avatar
🐳
Furiously hacking

Rémi Lavedrine Shosta

🐳
Furiously hacking
24 followers · 45 following
View GitHub Profile
@EdOverflow
EdOverflow / github_bugbountyhunting.md
Last active April 29, 2024 14:36
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
@ronau
ronau / Nextcloud-Pi3-Setup.md
Last active October 16, 2023 19:47
Nextcloud on Raspberry Pi 3 Setup

Nextcloud on Raspberry Pi 3 Setup

This manual describes how to setup a Raspberry Pi 3 with nginx, PHP 7.0, MariaDB and use it as a Nextcloud server. Strong TLS encryption with Let's Encrypt certificates is also used. Of course, Owncloud can be used instead of Nextcloud. As of February 2017, the installation instructions are basically the same.

Useful links and knowledge sources for this step-by-step manual

@xl7dev
xl7dev / Install Metasploit on OS X
Last active April 21, 2023 15:21
# XCode Command Line Tools
>xcode-select --install
# Install Homebrew
>ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
>echo PATH=/usr/local/bin:/usr/local/sbin:$PATH >> ~/.bash_profile
>source ~/.bash_profile
>brew tap homebrew/versions
@oaass
oaass / thpsetup.py
Last active April 12, 2023 00:54
This will install the additional tools to Kali recommended by "The Hacker Playbook". It will install the tools in /opt/tools
#!/bin/bash
echo ""
echo "=========================================================================="
echo "= Pentest Attack Machine Setup ="
echo "= Based on the setup from The Hacker Playbook ="
echo "=========================================================================="
echo ""
# Prepare tools folder
@vsouza
vsouza / .bashrc
Last active April 9, 2024 05:27
Golang setup in Mac OSX with HomeBrew. Set `GOPATH` and `GOROOT` variables in zshell, fish or bash.
# Set variables in .bashrc file
# don't forget to change your path correctly!
export GOPATH=$HOME/golang
export GOROOT=/usr/local/opt/go/libexec
export PATH=$PATH:$GOPATH/bin
export PATH=$PATH:$GOROOT/bin
@rxaviers
rxaviers / gist:7360908
Last active May 6, 2024 10:54
Complete list of github markdown emoji markup

People

:bowtie: :bowtie: 😄 :smile: 😆 :laughing:
😊 :blush: 😃 :smiley: ☺️ :relaxed:
😏 :smirk: 😍 :heart_eyes: 😘 :kissing_heart:
😚 :kissing_closed_eyes: 😳 :flushed: 😌 :relieved:
😆 :satisfied: 😁 :grin: 😉 :wink:
😜 :stuck_out_tongue_winking_eye: 😝 :stuck_out_tongue_closed_eyes: 😀 :grinning:
😗 :kissing: 😙 :kissing_smiling_eyes: 😛 :stuck_out_tongue:
@Shosta
Shosta / NSString+EmailValidating.h
Created October 4, 2013 07:53
NSString category to test if a string is a valid e-mail address.
//
// NSString+EmailValidating.h
//
//
// Created by Rems on 11/12/12.
// Copyright (c) 2012 . All rights reserved.
//
#import <Foundation/Foundation.h>