Skip to content

Instantly share code, notes, and snippets.

Avatar
:shipit:
SHIPPING

Carter Brainerd cbrnrd

:shipit:
SHIPPING
View GitHub Profile
@nullenc0de
nullenc0de / content_discovery_nullenc0de.txt
Last active Jan 22, 2022
content_discovery_nullenc0de.txt
View content_discovery_nullenc0de.txt
This file has been truncated, but you can view the full file.
/
$$$lang-translate.service.js.aspx
$367-Million-Merger-Blocked.html
$defaultnav
${idfwbonavigation}.xml
$_news.php
$search2
£º
.0
View params.txt
0
1
11
12
13
14
15
16
17
2
View safari-reaper.html
<!DOCTYPE html>
<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style>
body {
background: repeat url('data:image/jpeg;base64,/9j/4AAQSkZJRgABAQEASABIAAD/7QCIUGhvdG9zaG9wIDMuMAA4QklNBAQAAAAAAGscAVoAAxslRxwCAAACAAAcAnQAV8KpIENoYWV5b3VuZ1dpbGxOZXZlckNoYWVvbGQgLSBodHRwOi8vd3d3LnJlZGJ1YmJsZS5jb20vcGVvcGxlL0NoYWV5b3VuZ1dpbGxOZXZlckNoYWVvbAD/4gxYSUNDX1BST0ZJTEUAAQEAAAxITGlubwIQAABtbnRyUkdCIFhZWiAHzgACAAkABgAxAABhY3NwTVNGVAAAAABJRUMgc1JHQgAAAAAAAAAAAAAAAAAA9tYAAQAAAADTLUhQICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABFjcHJ0AAABUAAAADNkZXNjAAABhAAAAGx3dHB0AAAB8AAAABRia3B0AAACBAAAABRyWFlaAAACGAAAABRnWFlaAAACLAAAABRiWFlaAAACQAAAABRkbW5kAAACVAAAAHBkbWRkAAACxAAAAIh2dWVkAAADTAAAAIZ2aWV3AAAD1AAAACRsdW1pAAAD+AAAABRtZWFzAAAEDAAAACR0ZWNoAAAEMAAAAAxyVFJDAAAEPAAACAxnVFJDAAAEPAAACAxiVFJDAAAEPAAACAx0ZXh0AAAAAENvcHlyaWdodCAoYykgMTk5OCBIZXdsZXR0LVBhY2thcmQgQ29tcGFueQAAZGVzYwAAAAAAAAASc1JHQiBJRUM2MTk2Ni0yLjEAAAAAAAAAAAAAABJzUkdCIElFQzYxOTY2LTIuMQAAAAAAAA
@simbo1905
simbo1905 / PwnedPasswords.md
Last active Aug 29, 2021
How To Load The HIBP Pwned Passwords Database Into Redis
View PwnedPasswords.md

How To Load The HIBP Pwned Passwords Database Into Redis

NIST recommends that when users are trying to set a password you should reject those that are commonly used or compromised:

When processing requests to establish and change memorized secrets, 
verifiers SHALL compare the prospective secrets against a list that 
contains values known to be commonly-used, expected, or compromised.

But how do you know what are the compromised passwords? Luckily Troy Hunter put a lot of effort into building the "Have I Been Pwned (HIBP)" database with the SHA1 hashes of 501,636,842 passwords that have been compromised on the internet. Sweet.

@hedinasr
hedinasr / flood_udp.py
Created Jan 10, 2017
Python UDP Flooder
View flood_udp.py
"""
UDP Flooder.
This is a 'Dos' attack program to attack servers, you set the IP
and the port and the amount of seconds and it will start flooding to that server.
(inspire from http://hazardedit.com/forum/viewtopic.php?t=73)
Usage : ./flood_udp <ip> <port> <second>
"""
import time
import socket
@PurpleBooth
PurpleBooth / README-Template.md
Last active Jan 24, 2022
A template to make good README.md
View README-Template.md

Project Title

One Paragraph of project description goes here

Getting Started

These instructions will get you a copy of the project up and running on your local machine for development and testing purposes. See deployment for notes on how to deploy the project on a live system.

Prerequisites

View sinatra+thin+ssl.rb
#!/usr/bin/env ruby
#
# This code snippet shows how to enable SSL in Sinatra+Thin.
#
require 'sinatra'
require 'thin'
class MyThinBackend < ::Thin::Backends::TcpServer
def initialize(host, port, options)
@takeshixx
takeshixx / hb-test.py
Last active Dec 19, 2021
OpenSSL heartbeat PoC with STARTTLS support.
View hb-test.py
#!/usr/bin/env python2
"""
Author: takeshix <takeshix@adversec.com>
PoC code for CVE-2014-0160. Original PoC by Jared Stafford (jspenguin@jspenguin.org).
Supportes all versions of TLS and has STARTTLS support for SMTP,POP3,IMAP,FTP and XMPP.
"""
import sys,struct,socket
from argparse import ArgumentParser
@thebucknerlife
thebucknerlife / authentication_with_bcrypt_in_rails_4.md
Last active Jan 24, 2022
Simple Authentication in Rail 4 Using Bcrypt
View authentication_with_bcrypt_in_rails_4.md

#Simple Authentication with Bcrypt

This tutorial is for adding authentication to a vanilla Ruby on Rails app using Bcrypt and has_secure_password.

The steps below are based on Ryan Bates's approach from Railscast #250 Authentication from Scratch (revised).

You can see the final source code here: repo. I began with a stock rails app using rails new gif_vault

##Steps

@wteuber
wteuber / encrypt_decrypt.rb
Last active Jan 8, 2022
Simply encrypt and decrypt Strings in Ruby.
View encrypt_decrypt.rb
require 'openssl'
class String
def encrypt(key)
cipher = OpenSSL::Cipher.new('DES-EDE3-CBC').encrypt
cipher.key = Digest::SHA1.hexdigest key
s = cipher.update(self) + cipher.final
s.unpack('H*')[0].upcase
end