Skip to content

Instantly share code, notes, and snippets.

View h0wl's full-sized avatar

h0wl h0wl

92 followers · 42 following
View GitHub Profile
@mtigas
mtigas / gist:952344
Last active April 3, 2024 07:57
Mini tutorial for configuring client-side SSL certificates.

Client-side SSL

For excessively paranoid client authentication.

Updated Apr 5 2019:

because this is a gist from 2011 that people stumble into and maybe you should AES instead of 3DES in the year of our lord 2019.

some other notes:

@kevinSuttle
kevinSuttle / meta-tags.md
Last active May 12, 2024 15:28 — forked from lancejpollard/meta-tags.md
List of Usable HTML Meta and Link Tags
@chriskiehl
chriskiehl / Vitual keystroke example
Created June 10, 2012 15:08
Python win32api simple Vitual keystroke example
#Giant dictonary to hold key name and VK value
VK_CODE = {'backspace':0x08,
'tab':0x09,
'clear':0x0C,
'enter':0x0D,
'shift':0x10,
'ctrl':0x11,
'alt':0x12,
'pause':0x13,
'caps_lock':0x14,
@wirepair
wirepair / ff os cmd exec
Created October 9, 2013 05:05
Run a OS command from a firefox plugin or from Error Console
Either put into a plugin or open error console to test: (Ctrl+Shift+J) -> paste -> click 'Evaluate'
Enjoy,
@_wirepair
linux:
var file=Components.classes["@mozilla.org/file/local;1"].createInstance(Components.interfaces.nsILocalFile);file.initWithPath("/usr/bin/gcalctool");var process=Components.classes["@mozilla.org/process/util;1"].createInstance(Components.interfaces.nsIProcess);process.init(file);process.run(false, null, 0);
Windows:
var file=Components.classes["@mozilla.org/file/local;1"].createInstance(Components.interfaces.nsIFile);file.initWithPath("C:\\windows\\system32\\calc.exe");file.launch();
or
@hugsy
hugsy / screenshot_browser.py
Last active December 27, 2015 01:28
Headless browser screenshoter
#!/usr/bin/env python2
import os
import sys
import time
import subprocess
try:
from pyvirtualdisplay import Display
except ImportError:
@nishimunea
nishimunea / fxos_advent_calendar_1214.md
Created December 14, 2013 15:12

GeckoのlocalStorageについて調べてみた

これはFirefox OS Advent Calendar 2013 12/14の記事です。

こんにちは、にしむねあです。 この記事ではGeckoのlocalStorageの実装を紹介します。 私はセキュリティの分野に興味があるので、データのアクセス制御がどのように実装されているかを掘り下げてみたいと思います。

localStorageとは?

@mubix
mubix / brutedns.rb
Created February 20, 2014 04:55
Iteratively brutes dns hostnames
#!/usr/bin/env ruby
#
## Brute code stolen form: https://gist.github.com/petehamilton/4755855
#
@domain = 'contoso.com'
def result?(sub)
results = %x(dig +noall #{sub}.#{@domain} +answer)
@axt
axt / bbhit.c
Last active September 18, 2020 07:56
Naive hit tracer implementation using DynamoRIO.
/*
* Naive hit tracer implementation using DynamoRIO.
*
* Author: axt
*
* Build it with the following commands:
* gcc -Dbbhit_EXPORTS -DSHOW_RESULTS -DSHOW_SYMBOLS -fPIC -I../include -I../ext/include -DX86_64 -DLINUX -O2 -fno-stack-protector -o bbhit.c.o -c bbhit.c
* gcc -fPIC -O2 -DX86_64 -DLINUX -fno-stack-protector -fPIC -shared -lgcc -Wl,--hash-style=both -shared -Wl,-soname,libbbhit.so -o libbbhit.so bbhit.c.o ../lib64/debug/libdynamorio.so.4.2 ../ext/lib64/debug/libdrsyms.so
*/
#include <stddef.h>
@takeshixx
takeshixx / hb-test.py
Last active March 9, 2024 13:37
OpenSSL heartbeat PoC with STARTTLS support.
#!/usr/bin/env python2
"""
Author: takeshix <takeshix@adversec.com>
PoC code for CVE-2014-0160. Original PoC by Jared Stafford (jspenguin@jspenguin.org).
Supportes all versions of TLS and has STARTTLS support for SMTP,POP3,IMAP,FTP and XMPP.
"""
import sys,struct,socket
from argparse import ArgumentParser
@kevincennis
kevincennis / v8.md
Last active May 6, 2024 05:25
V8 Installation and d8 shell usage

Installing V8 on a Mac

Prerequisites

  • Install Xcode (Avaliable on the Mac App Store)
  • Install Xcode Command Line Tools (Preferences > Downloads)
  • Install depot_tools
    • $ git clone https://chromium.googlesource.com/chromium/tools/depot_tools.git
    • $ nano ~/.zshrc
    • Add path=('/path/to/depot_tools' $path)