cneill

Keybase proof

I hereby claim:

• I am cneill on github.
• I am cneill (https://keybase.io/cneill) on keybase.
• I have a public key whose fingerprint is 289B B637 7B14 5FB3 EE09 E0C6 1337 9E6D C643 3C71

To claim this, I am signing this object:

cneill

#!/bin/sh

# Some things taken from here
# https://github.com/mathiasbynens/dotfiles/blob/master/.osx

# Set the colours you can use
black='\033[0;30m'
white='\033[0;37m'
red='\033[0;31m'
green='\033[0;32m'

cneill

About

This gist contains a few simple commands for manipulating and analyzing various types of data from the command line. This might be useful, for example, when trying to audit a web applicaton for security defects.

Table of Contents

Encoding and Decoding

1. Hex
2. URL

cneill

function get_random_bytes (len) {
    return crypto.randomBytes(Math.ceil(len / 2))
        .toString('hex')
        .slice(0, len);
}

cneill

Morning

• Wake up with a "smart"/sleep phase alarm so you aren't jolted awake during deep sleep

• Stretch out fully when waking up (like a starfish)

• Drink some water when you first get out of bed

  • Don't drink caffeine within 1-2 hours of waking up

• Get some direct sunshine in the morning. Turn all the lights on.

cneill

16:27:43  weechat       whee => msg $channel (∩▂∩)
16:27:43  weechat       wheee => msg $channel (ﾉ^_^)ﾉ
16:27:43  weechat       wheeee => msg $channel ﾟ･✿ヾ╲(｡◕‿◕｡)╱✿･ﾟ
16:27:43  weechat       wheeeee => msg $channel ᕕ(ᐛ)ᕗ

cneill

    def _logTests(self, tests, bucket, status=None):
        """Log each test by adding to self.all_tests and the right "bucket"
        based on the status of the test (e.g. self.aggregated_errors)

        :param list tests: test results (e.g. test.failures)
        :param dict bucket: place to store the tests (e.g. self.aggregated_errors)
        """
        for issue in tests:
            url = issue.request.url
            method = issue.request.method

cneill

CONTRIBUTING.rst:10:4. No new code will be accepted if it adds a new dependency on OpenCAFE, or adds
CONTRIBUTING.rst:11:   on top of existing CAFE functionality IF it cannot stand on its own without
CONTRIBUTING.rst:12:   CAFE.
README.rst:35:CAFE Framework <https://github.com/stackforge/opencafe>`__.
README.rst:83:-  Create a directory named .opencafe in the user's home directory, or in the case of a python virtualenv, in the virtualenv root folder.
README.rst:87:   $ cafe-config init
README.rst:93:   $ cafe-config plugins install http
README.rst:98:Copy the data files from Syntribos data directory to .opencafe/data directory created during "cafe-config init". This directory contains the fuzz string files. Copy the example configuration file to .opencafe/configs directory created during "cafe-config init".
README.rst:102:    $ cp syntribos/data/* .opencafe/data/
README.rst:103:    $ cp syntribos/examples/configs/keystone.config  .opencafe/configs/.

cneill

doc/source/conf.py:78:intersphinx_mapping = {'cafe': ('http://opencafe.readthedocs.org/en/latest', None)}
doc/source/conf.py:81:#     'cafe',
doc/source/conf.py:82:#     'cafe.engine.http.client',
doc/source/conf.py:83:#     'cafe.drivers.unittest.arguments'
syntribos/arguments.py:18:import cafe.drivers.unittest.arguments
syntribos/arguments.py:70:            action=cafe.drivers.unittest.arguments.ConfigAction,
syntribos/arguments.py:71:            help="test config.  Looks in the ~/.opencafe/configs directory"
syntribos/clients/http/base_http_client.py:3:# Original from OpenCafe (https://github.com/openstack/opencafe)
syntribos/clients/http/config.py:14:from cafe.engine.models.data_interfaces import ConfigSectionInterface
syntribos/config.py:14:from cafe.engine.models.data_interfaces import ConfigSectionInterface

cneill

Terminology for Syntribos

Test

• Meaning: A set of checks that is conducted to uncover the presence of a specific type of vulnerability. Tests should be able to specify requests or Request Chains that it knows how to interact with
• Purpose: Identify vulnerabilities
• Example: SQL Injection

Test Case