Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.
$ python -m SimpleHTTPServer 8000
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ::########################################################################################################################## | |
| :: | |
| :: This script can ruin your day, if you run it without fully understanding what it does, you don't know what you are doing, | |
| :: | |
| :: OR BOTH!!! | |
| :: | |
| :: YOU HAVE BEEN WARNED!!!!!!!!!! | |
| :: | |
| :: This script is provided "AS IS" with no warranties, and confers no rights. | |
| :: Feel free to challenge me, disagree with me, or tell me I'm completely nuts in the comments section, |
gaearon
/ prepack-gentle-intro-1.md
Last active
May 3, 2024 12:56
A Gentle Introduction to Prepack, Part 1
Note:
When this guide is more complete, the plan is to move it into Prepack documentation.
For now I put it out as a gist to gather initial feedback.
If you're building JavaScript apps, you might already be familiar with some tools that compile JavaScript code to equivalent JavaScript code:
- Babel lets you use newer JavaScript language features, and outputs equivalent code that targets older JavaScript engines.
jhaddix
/ cloud_metadata.txt
Last active
April 30, 2024 09:38
— forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## AWS | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/ami-id | |
| http://169.254.169.254/latest/meta-data/reservation-id | |
| http://169.254.169.254/latest/meta-data/hostname | |
| http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key |
BuffaloWill
/ cloud_metadata.txt
Last active
April 16, 2024 04:15
Cloud Metadata Dictionary useful for SSRF Testing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## IPv6 Tests | |
| http://[::ffff:169.254.169.254] | |
| http://[0:0:0:0:0:ffff:169.254.169.254] | |
| ## AWS | |
| # Amazon Web Services (No Header Required) | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] |
- How to Build a Successful Information Security Career (Daniel Miessler)
- The First Steps to a Career in Information Security (Errata Security - Marisa Fagan)
- Hiring your first Security Professional (Peerlyst - Dawid Balut)
- How to Start a Career in Cyber security
- How to Get Into Information Security (ISC^2)
- https://www.isc2.org/how-to-get-into-information-security.aspx
This is a guide on how to email securely.
There are many guides on how to install and use PGP to encrypt email. This is not one of them. This is a guide on secure communication using email with PGP encryption. If you are not familiar with PGP, please read another guide first. If you are comfortable using PGP to encrypt and decrypt emails, this guide will raise your security to the next level.
igogrek
/ How I stopped loving Angular.md
Last active
April 2, 2024 03:00
How I stopped loving Angular
I've worked with AngularJS for many years now and still use it in production today. Even though you can't call it ideal, given its historically-formed architecture, nobody would argue that it became quite a milestone not only for evolution of JS frameworks, but for the whole web.
It's 2017 and every new product/project has to choose a framework for development. For a long time I was sure that new Angular 2/4 (just Angular below) will become the main trend for enterprise development for years to come. I wasn't even thinking of working with something else.
Today I refuse to use it in my next project myself.
saelo
/ 3_years_of_attacking_javascript_engines.txt
Created
October 27, 2019 16:04
3 Years of Attacking JavaScript Engines
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| |=-----------------------------------------------------------------------=| | |
| |=-------------=[ 3 Years of Attacking JavaScript Engines ]=-------------=| | |
| |=-----------------------------------------------------------------------=| | |
| |=------------------------------=[ saelo ]=------------------------------=| | |
| |=-----------------------------------------------------------------------=| | |
| The following are some brief notes about the changes that have taken place | |
| since the release of the "Attacking JavaScript Engines" paper [1]. In | |
| general, no big conceptional changes have happened since. Mitigations have | |
| been added to break some of the presented techniques and, as expected, a |
ethicalhack3r
/ chrome-uri.txt
Last active
February 20, 2024 03:02
Chrome 'protocol handlers' extracted from Google Chrome browser source code (chromium-50.0.2624.0.tar.xz downloaded from https://gsdview.appspot.com/chromium-browser-official/). A lot will not work, some are probably from unit tests.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| chrome://-alkuisissa | |
| chrome://-nettadresser | |
| chrome://-webbadresser | |
| chrome://ChromeTestChromeWebUIControllerFactory | |
| chrome://DummyURL | |
| chrome://URLs | |
| chrome://about | |
| chrome://accessibility | |
| chrome://anything | |
| chrome://app-list |
NewerOlder