
Bryan "BJ" Hoffpauir beejhuff

@EdOverflow
EdOverflow / github_bugbountyhunting.md
Last active April 29, 2024 14:36
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. In this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
@leonardofed
leonardofed / README.md
Last active May 10, 2024 10:42
A curated list of AWS resources to prepare for the AWS Certifications


A curated list of AWS resources to prepare for the AWS Certifications

A curated list of awesome AWS resources you need to prepare for all 5 AWS Certifications. This gist will include: open source repos, blogs & blog posts, ebooks, PDFs, whitepapers, video courses, free lectures, slides, sample tests and many other resources.


@nverinaud
nverinaud / dev_learning_manifesto.md
Last active March 17, 2017 12:07
The Software Developer Learning Manifesto

The Software Developer Learning Manifesto

  • Learning programming fundamentals over learning technologies and frameworks
  • Building stuff with new knowledge over learning passively by only reading, listening or watching

That is, while there is value in the items on the right, we value the items on the left more.

The Learning Manifesto for Software Developers

@amacgregor
amacgregor / .vimrc
Created April 13, 2016 15:41
Personal Vimrc file
"""""""""""""""""""""""""""""""""""""
" Allan MacGregor Vimrc configuration
"""""""""""""""""""""""""""""""""""""
set nocompatible
syntax on
set nowrap
"""" START Vundle Configuration
" Disable file type for vundle
@mems
mems / README.md
Last active March 27, 2018 05:20
Fix AddressBook errors in OSX 10.11 (fixed in OSX 10.12)

For /var/log/system.log full of errors like these ones:

kernel[0]: Sandbox: com.apple.Addres(XXXXX) deny(1) network-outbound /private/var/run/mDNSResponder
com.apple.AddressBook.InternetAccountsBridge[XXXXX]: dnssd_clientstub ConnectToServer: connect()-> No of tries: 1
com.apple.AddressBook.InternetAccountsBridge[XXXXX]: dnssd_clientstub ConnectToServer: connect() failed path:/var/run/mDNSResponder Socket:4 Err:-1 Errno:1 Operation not permitted

How to fix it?

@davydovanton
davydovanton / osx-10.11-setup.md
Created December 20, 2015 18:54 — forked from kevinelliott/osx-10.11-setup.md
Mac OS X 10.11 El Capitan Setup

Mac OS X 10.11 El Capitan

Custom recipe to get OS X 10.11 El Capitan running from scratch, setup applications and developer environment. This is very similar (and currently mostly the same) as my 10.10 Yosemite setup recipe (as found on this gist https://gist.github.com/kevinelliott/0726211d17020a6abc1f). Note that I expect this to change significantly as I install El Capitan several times.

I use this gist to keep track of the important software and steps required to have a functioning system after a semi-annual fresh install. On average, I reinstall each computer from scratch every 6 months, and I do not perform upgrades between distros.

This keeps the system performing at top speeds, clean of trojans, spyware, and ensures that I maintain good organizational practices for my content and backups. I highly recommend this.

You are encouraged to fork this and modify it to your heart's content to match your own needs.

@artemgordinskiy
artemgordinskiy / install-zray.sh
Created December 9, 2015 14:37
Install Z-Ray for PHP-FPM
#!/usr/bin/env bash
ZRAY_URL="http://repos.zend.com/zend-server/early-access/zray-tech-preview/zray-php-102775-php5.6.15-linux-debian7-amd64.tar.gz"
ZRAY_ARCHIVE_NAME="zray.tar.gz"
ZRAY_PACKAGE_NAME="zray-php-102775-php5.6.15-linux-debian7-amd64"
# download zray
curl -o /tmp/${ZRAY_ARCHIVE_NAME} ${ZRAY_URL}
# extract zray archive
tar xvfz /tmp/${ZRAY_ARCHIVE_NAME} -C /tmp
var Promise = require('bluebird');
var MongoDB = Promise.promisifyAll(require("mongodb"));
var MongoClient = Promise.promisifyAll(MongoDB.MongoClient);
var cheerio = require('cheerio');
var http = require('http');
var urls = [
'http://www.magentocommerce.com/certification/directory/index/?q=&country_id=AU&region_id=&region=vic&certificate_type=',
'http://www.magentocommerce.com/certification/directory/index/?q=&country_id=AU&region_id=&region=victoria&certificate_type='
];
@gwillem
gwillem / magento-nginx.conf
Last active July 29, 2023 10:13
Battle-tested Nginx configuration for Magento (source: www.hypernode.com)
# This is an annotated subset of the Nginx configuration from our Magento production platform @ www.hypernode.com
# See https://www.byte.nl/blog/magento-cacheleak-issue
# !!!! If you are a Hypernode customer, do not use this config as it will result in duplicate statements. !!!!!
user app;
worker_processes 4;
pid /var/run/nginx.pid;
events {