Skip to content

Instantly share code, notes, and snippets.

View davejm's full-sized avatar

David Moodie davejm

26 followers · 20 following
  • UK
View GitHub Profile
@tarleb
tarleb / latex-short-captions.lua
Last active June 14, 2019 22:43
Filter to turn figure titles into short captions in LaTeX
-- don't do anything unless we target latex
if FORMAT ~= "latex" then
return {}
end
local List = require'pandoc.List'
local function latex(str)
return List:new{pandoc.RawInline('latex', str)}
end
@EdOverflow
EdOverflow / github_bugbountyhunting.md
Last active May 22, 2024 09:01
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
@yossorion
yossorion / what-i-wish-id-known-about-equity-before-joining-a-unicorn.md
Last active April 7, 2024 22:55
What I Wish I'd Known About Equity Before Joining A Unicorn

What I Wish I'd Known About Equity Before Joining A Unicorn

Disclaimer: This piece is written anonymously. The names of a few particular companies are mentioned, but as common examples only.

This is a short write-up on things that I wish I'd known and considered before joining a private company (aka startup, aka unicorn in some cases). I'm not trying to make the case that you should never join a private company, but the power imbalance between founder and employee is extreme, and that potential candidates would

@luiscape
luiscape / install_packages.sh
Created January 16, 2017 14:36
Install Python dependency packages from requirements.txt using conda.
#
# Original solution via StackOverflow:
# http://stackoverflow.com/questions/35802939/install-only-available-packages-using-conda-install-yes-file-requirements-t
#
#
# Install via `conda` directly.
# This will fail to install all
# dependencies. If one fails,
# all dependencies will fail to install.
@rdempsey
rdempsey / README.md
Last active October 13, 2022 07:03 — forked from toddq/README.md

##Description Simple Dashing widget (and associated job) to display RSS feeds. Based on toddq's News widget. Due to comments about the widget not working for many sites I updated the widget to use Ruby's RSS library. It works quite well now.

##Screenshot

##Dependencies nokogiri

htmlentities

@JedWatson
JedWatson / 1-proposal.md
Last active January 2, 2024 17:59
Proposal: adding reverse-relationship population to Mongoose (as implemented in KeystoneJS)

I've developed a useful feature in KeystoneJS that lets you populate a relationship from either side, while only storing the data on one side, and am looking for feedback on whether it is something that could / should be brought back into mongoose itself. (It might be possible to add as a separate package but I suspect there'd be too much rewriting of mongoose internals for that to be a good idea).

I've added this as an issue in mongoose for consideration: #1888 but am leaving this gist in place because the examples are easier to read.

I've used Posts and Categories as a basic, contrived example to demonstrate what I'm talking about here; in reality you'd rarely load all the posts for a category but there are other real world cases where it's less unreasonable you'd want to do this, and Posts + Categories is an easy way to demo it.

The problem

The built-in population feature is really useful; not just for

@toddq
toddq / README.md
Last active May 15, 2021 13:37 — forked from mjamieson/README.md
@EvanDotPro
EvanDotPro / gittyup.sh
Created December 21, 2011 17:15
Easily keep master in sync with upstream.
####################################################################################
## ##
## gittyup() - Easily keep master in sync with upstream. ##
## ##
## Author: Evan Coury, http://blog.evan.pro/ ##
## URL: https://gist.github.com/1506822 ##
## ##
## This bash function is a simple shortcut for keeping your local (and public ##
## fork / origin remote) master branch up to date and in sync with the upstream ##
## master. To use gittyup(), simply drop this in your ~/.bashrc. ##