Skip to content

Instantly share code, notes, and snippets.

View Steffey's full-sized avatar

Steffey

20 followers · 48 following
  • Denver, CO
View GitHub Profile
@munificent
munificent / generate.c
Last active May 7, 2024 06:19
A random dungeon generator that fits on a business card
#include <time.h> // Robert Nystrom
#include <stdio.h> // @munificentbob
#include <stdlib.h> // for Ginny
#define r return // 2008-2019
#define l(a, b, c, d) for (i y=a;y\
<b; y++) for (int x = c; x < d; x++)
typedef int i;const i H=40;const i W
=80;i m[40][80];i g(i x){r rand()%x;
}void cave(i s){i w=g(10)+5;i h=g(6)
+3;i t=g(W-w-2)+1;i u=g(H-h-2)+1;l(u
@ageis
ageis / systemd_service_hardening.md
Last active May 4, 2024 15:57
Options for hardening systemd service units

security and hardening options for systemd service units

A common and reliable pattern in service unit files is thus:

NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
DevicePolicy=closed
ProtectSystem=strict
@hngouveia01
hngouveia01 / debugging_kernel.txt
Last active March 5, 2024 10:40
Debugging kernel code line by line with Qemu and GDB
We are going to use buildroot to download, configure and compile the kernel.
First, download and uncompress buildroot: https://buildroot.org/download.html
Go to the directory and:
make qemu_x86_defconfig
make menuconfig
@denji
denji / golang-tls.md
Last active April 29, 2024 03:39 — forked from spikebike/client.go
Simple Golang HTTPS/TLS Examples

Moved to git repository: https://github.com/denji/golang-tls

Generate private key (.key)
# Key considerations for algorithm "RSA" ≥ 2048-bit
openssl genrsa -out server.key 2048

# Key considerations for algorithm "ECDSA" ≥ secp384r1
# List ECDSA the supported curves (openssl ecparam -list_curves)
@beezly
beezly / gist:267b80557900b865bc92
Last active February 17, 2021 10:37
Find the SSL/TLS version clients are negotiate with your SSL server. Adapt the "src port 443" part as per your requirements. Uses tshark from https://www.wireshark.org
tshark -f 'src port 443 and ether[0x42]=0x16 and ether[0x47]=0x02' -T fields -e ip.dst_host -e ssl.handshake.version
@tristanfisher
tristanfisher / Ansible-Vault how-to.md
Last active April 3, 2024 13:55
A short tutorial on how to use Vault in your Ansible workflow. Ansible-vault allows you to more safely store sensitive information in a source code repository or on disk.

Working with ansible-vault

I've been using a lot of Ansible lately and while almost everything has been great, finding a clean way to implement ansible-vault wasn't immediately apparent.

What I decided on was the following: put your secret information into a vars file, reference that vars file from your task, and encrypt the whole vars file using ansible-vault encrypt.

Let's use an example: You're writing an Ansible role and want to encrypt the spoiler for the movie Aliens.

@ConradIrwin
ConradIrwin / how-to-install-dpdk-on-ubuntu.sh
Created February 18, 2014 18:57
# If you're looking into the C10M problem (10 million concurrent connections)
# you might want to play with DPDK (Originally proprietry Intel, now open source)
#
# C10M: http://c10m.robertgraham.com/
# DPDK: http://dpdk.org/
#
# This is a quick summary how to install dpdk on ubuntu
# running inside virtualbox on a mac
# On my Mac:
@Mins
Mins / mysql_secure.sh
Last active February 16, 2024 00:03
Automating mysql_secure_installation
#!/bin/bash
aptitude -y install expect
// Not required in actual script
MYSQL_ROOT_PASSWORD=abcd1234
SECURE_MYSQL=$(expect -c "
set timeout 10