Skip to content

Instantly share code, notes, and snippets.

View dualfade's full-sized avatar
💭
Fart Sound.

dualfade

💭
Fart Sound.
33 followers · 5 following
View GitHub Profile
@nikitastupin
nikitastupin / fingerprint.js
Created February 8, 2021 12:21
fingerprint.js
(() => {
let gadgets = [];
if (typeof _satellite !== 'undefined') {
gadgets.push('Adobe Dynamic Tag Management');
}
if (typeof BOOMR !== 'undefined') {
gadgets.push('Akamai Boomerang');
}
@abhisek
abhisek / pod-to-node.yml
Created March 17, 2020 04:35
Kubernetes Pod hostPath Volume Mount
apiVersion: v1
kind: Pod
metadata:
labels:
run: attacker-pod
name: attacker-pod
spec:
hostPID: true
hostIPC: true
hostNetwork: true
@benjamingr
benjamingr / intercept-network-requests.js
Created January 15, 2019 20:18
function interceptNetworkRequests(ee) {
const open = XMLHttpRequest.prototype.open;
const send = XMLHttpRequest.prototype.send;
const isRegularXHR = open.toString().indexOf('native code') !== -1;
// don't hijack if already hijacked - this will mess up with frameworks like Angular with zones
// we work if we load first there which we can.
if (isRegularXHR) {
@mccabe615
mccabe615 / phpdangerousfuncs.md
Last active May 8, 2024 09:36
Dangerous PHP Functions

Command Execution

exec           - Returns last line of commands output
passthru       - Passes commands output directly to the browser
system         - Passes commands output directly to the browser and returns last line
shell_exec     - Returns commands output
\`\` (backticks) - Same as shell_exec()
popen          - Opens read or write pipe to process of a command
proc_open      - Similar to popen() but greater degree of control
pcntl_exec - Executes a program
@alessioalex
alessioalex / debug-events.js
Last active April 27, 2024 06:17
intercept *.addEventListener for debugging
// http://stackoverflow.com/questions/4787698/failure-to-override-elements-addeventlistener-in-firefox
(function() {
Error.stackTraceLimit = Infinity;
var _interfaces = Object.getOwnPropertyNames(window).filter(function(i) {
return /^HTML/.test(i);
}).map(function(i) {
return window[i];
});
@wpscholar
wpscholar / vagrant-cheat-sheet.md
Last active May 7, 2024 11:05
Vagrant Cheat Sheet

Typing vagrant from the command line will display a list of all available commands.

Be sure that you are in the same directory as the Vagrantfile when running these commands!

Creating a VM

  • vagrant init -- Initialize Vagrant with a Vagrantfile and ./.vagrant directory, using no specified base image. Before you can do vagrant up, you'll need to specify a base image in the Vagrantfile.
  • vagrant init <boxpath> -- Initialize Vagrant with a specific box. To find a box, go to the public Vagrant box catalog. When you find one you like, just replace it's name with boxpath. For example, vagrant init ubuntu/trusty64.

Starting a VM

  • vagrant up -- starts vagrant environment (also provisions only on the FIRST vagrant up)
@leommoore
leommoore / file_magic_numbers.md
Last active May 7, 2024 20:49
File Magic Numbers

File Magic Numbers

Magic numbers are the first bits of a file which uniquely identify the type of file. This makes programming easier because complicated file structures need not be searched in order to identify the file type.

For example, a jpeg file starts with ffd8 ffe0 0010 4a46 4946 0001 0101 0047 ......JFIF.....G ffd8 shows that it's a JPEG file, and ffe0 identify a JFIF type structure. There is an ascii encoding of "JFIF" which comes after a length code, but that is not necessary in order to identify the file. The first 4 bytes do that uniquely.

This gives an ongoing list of file-type magic numbers.

Image Files

@jeffdonthemic
jeffdonthemic / httparty.rb
Last active May 2, 2024 00:45
HTTParty Examples
options = { :body =>
{ :username => 'my',
:password => 'password'
}
}
results = HTTParty.post("http://api.topcoder.com/v2/auth", options)
##
## example for post with papertrail and basic auth
##