Skip to content

Instantly share code, notes, and snippets.

View benmezger's full-sized avatar
:octocat:
hacking

Ben Mezger benmezger

:octocat:
hacking
View GitHub Profile

Keybase proof

I hereby claim:

  • I am ephexeve on github.
  • I am benmezger (https://keybase.io/benmezger) on keybase.
  • I have a public key whose fingerprint is 9C1D A870 8E58 9026 E47E BFA8 F18F AEF4 5EC9 EF4D

To claim this, I am signing this object:

@benmezger
benmezger / README.md
Created December 4, 2015 10:54 — forked from scy/README.md
My OSX PF config for #30C3.

My OS X “VPN only” Setup For #30C3

You should never let passwords or private data be transmitted over an untrusted network (your neighbor’s, the one at Starbucks or the company) anyway, but on a hacker congress like the #30C3, this rule is almost vital.

Hackers get bored easily, and when they’re bored, they’re starting to look for things to play with. And a network with several thousand connected users is certainly an interesting thing to play with. Some of them might start intercepting the data on the network or do other nasty things with the packets that they can get.

If these packets are encrypted, messing with them is much harder (but not impossible! – see the end of this article). So you want your packets to be always encrypted. And the best way to do that is by using a VPN.

Target audience

@benmezger
benmezger / cook_rsa_key.go
Created December 4, 2015 20:55 — forked from AGWA/cook_rsa_key.go
Demonstrates that an RSA signature does not uniquely identify a public key.
/*
* Demonstrates that an RSA signature does not uniquely identify a public key.
* Given a signature, s, and a message m, it's possible to construct a new RSA key
* pair such that s is a valid signature for m under the new key pair.
*
* Requires Go version >= 1.5. Go <= 1.4 doesn't work due to a bug in the bignum
* package: https://github.com/golang/go/issues/9826
*
* Written in 2015 by Andrew Ayer <agwa@andrewayer.name>
*
@benmezger
benmezger / mac-curl-ca-bundle.sh
Created December 11, 2015 22:25 — forked from 1stvamp/mac-curl-ca-bundle.sh
Script to install cURL CA certificates on OS X without macports
#!/bin/bash
mkdir /tmp/curl-ca-bundle
cd /tmp/curl-ca-bundle
wget http://curl.haxx.se/download/curl-7.22.0.tar.bz2
tar xzf curl-7.22.0.tar.bz2
cd curl-7.22.0/lib/
./mk-ca-bundle.pl
if [ ! -d /usr/share/curl/ ]; then
sudo mkdir -p /usr/share/curl/
else
@benmezger
benmezger / README.md
Created December 30, 2015 14:53 — forked from StefanWallin/README.md
nginx ssl config with multiple SNI vhosts and A+ SSL Labs score as of 2014-11-05

Configuring nginx for SSL SNI vhosts

Gotchas

Remarks

  • My version of konklones SSL config does not have SPDY support(my nginx+openssl does not support it)
  • You need a default ssl server (example.org-default.conf).
  • Some SSL-options have to be unique across your instance, so it's easier to have them in a common file(ssl.conf).
@benmezger
benmezger / nginx.conf
Created February 12, 2016 14:37 — forked from plentz/nginx.conf
Best nginx configuration for improved security(and performance). Complete blog post here http://tautt.com/best-nginx-configuration-for-security/
# to generate your dhparam.pem file, run in the terminal
openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048
@benmezger
benmezger / site.conf
Created February 12, 2016 14:44 — forked from paskal/site.conf
Nginx configuration for best security and modest performance. Full info on https://terrty.net/2014/ssl-tls-in-nginx/
# read more at https://terrty.net/2014/ssl-tls-in-nginx/
# latest version on https://gist.github.com/paskal/628882bee1948ef126dd/126e4d1daeb5244aacbbd847c5247c2e293f6adf
# security test score: https://www.ssllabs.com/ssltest/analyze.html?d=terrty.net
# your nginx version might not have all directives included, test this configuration before using in production against your nginx:
# $ nginx -c /etc/nginx/nginx.conf -t
server {
# public key, contains your public key and class 1 certificate, to create:
# (example for startssl)
# $ (cat example.com.pem & wget -O - https://www.startssl.com/certs/class1/sha2/pem/sub.class1.server.sha2.ca.pem) | tee -a /etc/nginx/ssl/domain.pem > /dev/null
@benmezger
benmezger / README.rst
Created March 16, 2016 14:07 — forked from dupuy/README.rst
Common markup for Markdown and reStructuredText

Markdown and reStructuredText

GitHub supports several lightweight markup languages for documentation; the most popular ones (generally, not just at GitHub) are Markdown and reStructuredText. Markdown is sometimes considered easier to use, and is often preferred when the purpose is simply to generate HTML. On the other hand, reStructuredText is more extensible and powerful, with native support (not just embedded HTML) for tables, as well as things like automatic generation of tables of contents.

@benmezger
benmezger / index.html
Created March 24, 2016 18:20
Dynamic URL using javascript (for subdomains with different tld)
<pre id="bar"><a id="blog">BLOG</a> XOR <a id="about" title="">ABOUT</a> XOR <a id="code">CODE</a> XOR <a id="photos" title="">PHOTOS</a></pre></td></tr>
<script>
function makeUrl(_id){
var protocol = window.location.protocol;
var url = window.location.host.replace("www.", "");
var new_url = protocol + "//" + _id + "." + url;
document.getElementById(_id).setAttribute("href", new_url);
}
makeUrl("blog");
@benmezger
benmezger / comprehensions.md
Created March 27, 2016 15:04 — forked from bearfrieze/comprehensions.md
Comprehensions in Python the Jedi way

Comprehensions in Python the Jedi way

Beautiful is better than ugly. Explicit is better than implicit.

-- The Zen of Python

I frequently deal with collections of things in the programs I write. Collections of droids, jedis, planets, lightsabers, starfighters, etc. When programming in Python, these collections of things are usually represented as lists, sets and dictionaries. Oftentimes, what I want to do with collections is to transform them in various ways. Comprehensions is a powerful syntax for doing just that. I use them extensively, and it's one of the things that keep me coming back to Python. Let me show you a few examples of the incredible usefulness of comprehensions.

All of the tasks presented in the examples can be accomplished with the extensive standard library available in Python. These solutions would arguably be more terse and efficient in some cases. I don't have anything against the standard library. To me there is a certain