💭
breaking things

Eshaan Bansal eshaan7

@surenkov
surenkov / django_pg_locks.py
Last active December 29, 2023 11:24
Postgres table / advisory lock context managers for Django python apps
import contextlib
import enum
import hashlib
import typing as t
from django.apps import apps
from django.db import models, transaction, connection, OperationalError, InternalError
from psycopg2 import sql
@Munawwar
Munawwar / redis-concurrency-control.js
Last active July 12, 2021 16:22
Redis concurrency control
const redis = require('redis');
const bluebird = require('bluebird');
const redisClient = redis.createClient({});
bluebird.promisifyAll(Object.getPrototypeOf(redisClient));
const luaScript = `
local newPayload = ARGV[1]
local newVersionStr, newData = ARGV[1]:match("^([0-9]+)|(.+)$")
local prevVal = redis.call("get", KEYS[1]) or nil

MongoDB Cheat Sheet

Show All Databases

show dbs

Show Current Database

MySQL Cheat Sheet

Help with SQL commands to interact with a MySQL database

MySQL Locations

  • Mac /usr/local/mysql/bin
  • Windows /Program Files/MySQL/MySQL version/bin
  • Xampp /xampp/mysql/bin

Add mysql to your PATH

# All scripts
```
--tamper=apostrophemask,apostrophenullencode,appendnullbyte,base64encode,between,bluecoat,chardoubleencode,charencode,charunicodeencode,concat2concatws,equaltolike,greatest,halfversionedmorekeywords,ifnull2ifisnull,modsecurityversioned,modsecurityzeroversioned,multiplespaces,nonrecursivereplacement,percentage,randomcase,randomcomments,securesphere,space2comment,space2dash,space2hash,space2morehash,space2mssqlblank,space2mssqlhash,space2mysqlblank,space2mysqldash,space2plus,space2randomblank,sp_password,unionalltounion,unmagicquotes,versionedkeywords,versionedmorekeywords
```
# General scripts
```
--tamper=apostrophemask,apostrophenullencode,base64encode,between,chardoubleencode,charencode,charunicodeencode,equaltolike,greatest,ifnull2ifisnull,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,space2comment,space2plus,space2randomblank,unionalltounion,unmagicquotes
```
# Microsoft access
@berzerk0
berzerk0 / CTFWRITE-ZorZ@Vulnhub.md
Last active August 5, 2023 13:35
A Few WebApp File Upload Vulnerabilities Explained - CTF Writeup: Zorz

This gist has been DEPRECATED.

Updates will be reflected on GITPAGE VERSIONS ONLY

A Few WebApp File Upload Vulnerabilities Explained - CTF Writeup: Zorz

20 November 2017

This "CTF" is more of a vulnerability sandbox than a true Capture the Flag challenge. However, it is a great way to explore some WebApp Upload vulnerabilities.

The VulnHub description says:

@postmodern
postmodern / rails_rce.rb
Last active July 17, 2023 11:54
Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0156)
#!/usr/bin/env ruby
#
# Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0156)
#
# ## Advisory
#
# https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
#
# ## Caveats
#
@CristinaSolana
CristinaSolana / gist:1885435
Created February 22, 2012 14:56
Keeping a fork up to date

1. Clone your fork:

git clone git@github.com:YOUR-USERNAME/YOUR-FORKED-REPO.git

2. Add remote from original repository in your forked repository:

cd into/cloned/fork-repo
git remote add upstream git://github.com/ORIGINAL-DEV-USERNAME/REPO-YOU-FORKED-FROM.git
git fetch upstream