I hereby claim:
- I am aviat on github.
- I am jbaviat (https://keybase.io/jbaviat) on keybase.
- I have a public key ASAJVHccjt0XbvvcXqwyU6Zw0wqCAziOwHcjC3wUfrB62go
To claim this, I am signing this object:
Jb Aviat aviat
aviat
/ chapter2.go
Created
January 17, 2022 23:11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // From The Web Application Hacker's Handbook edition #2 | |
| // Build: go build chapter2.go | |
| // Usage: ./chapter2 your_input_string | |
| // 5. An input validation mechanism designed to block cross-site scripting | |
| // attacks performs the following sequence of steps on an item of input: | |
| // 1. Strip any <script> expressions that appear. | |
| // 2. Truncate the input to 50 characters. | |
| // 3. Remove any quotation marks within the input. | |
| // 4. URL-decode the input. |
aviat
/ webhook.py
Created
July 27, 2020 11:29
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import boto3 | |
| # https://docs.aws.amazon.com/firehose/latest/dev/writing-with-sdk.html | |
| # https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/firehose.html#Firehose.Client.put_record | |
| # https://docs.aws.amazon.com/lambda/latest/dg/services-alb.html | |
| import base64 | |
| from collections import namedtuple | |
| import hashlib | |
| import hmac |
aviat
/ anonymize.py
Created
November 8, 2019 00:23
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| Python 3 script to anonymize a JSON file, keys and data. Conserve structure. Conserve the | |
| shape of URLs found in strings, anonymizing host, path, params, query and | |
| fragment. | |
| Run without argument to test: | |
| $ python3 anonymize_json.py | |
| Usage: anonymize_json.py path/to/json | |
| running tests... |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const static char wrapper_template_func[] = | |
| "$args = \\sqreen\\internal\\func_get_args(); " | |
| "try { " | |
| "\\sqreen\\internal\\userland_pre_cbs(...$args); " | |
| "$ret = " FUNC_PREFIX "%s(...$args); " | |
| "$GLOBALS['" RETVAL_GLOBAL "'] = $ret; " | |
| "\\sqreen\\internal\\userland_post_cbs(...$args); " | |
| "unset($GLOBALS['" RETVAL_GLOBAL "']); " | |
| "return $ret; " | |
| "} catch (" EXCEPTION_TOP_CLASS " $e) { " |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| file_get_contents("/etc/services"); | |
| ?> |
aviat
/ sqreen_php_trampoline.c
Created
March 28, 2019 09:09
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| res = run_cbs(pre, cbs, &cctx TSRMLS_CC); | |
| if (res) { | |
| mlog(sq_log_debug, "'pre' cbs failed"); | |
| } | |
| original_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU); | |
| if (res) { | |
| mlog_g(sq_log_debug, "Not running fail/post since pre failed"); | |
| return; |
aviat
/ keybase.md
Created
February 12, 2018 08:36
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| puts RubyVM::InstructionSequence.compile("def foo x | |
| _y = x | |
| end", nil, nil, 0, trace_instruction: true, operands_unification: false).disasm |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ curl -I https://www.sqreen.io | |
| [...] | |
| Public-Key-Pins: pin-sha256="awYK8l132IuZAlK7vhJOr38+fe9GPYbIXXtmWt95sQg="; pin-sha256="LaOgioxWo+JofV5Ggr1I2N1wEbLmUlZiK7IWZRvHT6Q="; max-age=10000 | |
| [...] |