incogbyte

console.log("[*] SSL Pinning Bypasses");
console.log(`[*] Your frida version: ${Frida.version}`);
console.log(`[*] Your script runtime: ${Script.runtime}`);

/**
 * by incogbyte
 * Common functions 
 * thx apkunpacker, NVISOsecurity, TheDauntless
 * Remember that sslpinning can be custom, and sometimes u need to reversing using ghidra,IDA or something like that.
 * !!! THIS SCRIPT IS NOT A SILVER BULLET !!

0xabad1dea

Risk Assessment of GitHub Copilot

0xabad1dea, July 2021

this is a rough draft and may be updated with more examples

GitHub was kind enough to grant me swift access to the Copilot test phase despite me @'ing them several hundred times about ICE. I would like to examine it not in terms of productivity, but security. How risky is it to allow an AI to write some or all of your code?

Ultimately, a human being must take responsibility for every line of code that is committed. AI should not be used for "responsibility washing." However, Copilot is a tool, and workers need their tools to be reliable. A carpenter doesn't have to

sillydadddy

name = "assetfinder"
type = "ext"

function vertical(ctx, domain)
    print("in asset finder")
    local cmd = outputdir(ctx) .. "assetfinder --subs-only " .. domain

    local data = assert(io.popen(cmd))
    for line in data:lines() do

hazcod

# Generated by iptables-save v1.4.21 on Sun Jan 19 08:14:54 2020
*raw
:PREROUTING ACCEPT [17478:786616]
:OUTPUT ACCEPT [15285:6842393]
COMMIT
# Completed on Sun Jan 19 08:14:54 2020
# Generated by iptables-save v1.4.21 on Sun Jan 19 08:14:54 2020
*nat
:PREROUTING ACCEPT [412:43501]
:INPUT ACCEPT [54:3686]

birnbuazn

#!/bin/bash

# Copyright © 2017 Google Inc.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software

hazcod

#!/usr/bin/env bash
set -euo pipefail
shopt -s inherit_errexit 2>/dev/null || true

# this script will connect macOS to Cloudflare Warp using Wireguard
# note: this is *absolutely not* an official client from Cloudflare

# Copyright (C) 2019 Jay Freeman (saurik)

# Zero Clause BSD license {{{

ledongthuc

Create template actions that's used to verify Go language pull requests before merging. It's easy to custom the flow, tools with your case.

Put pr_checker.yml or pr_checker_simple.yml to .github/workflows/ and see how it works with your pull requests. Make sure you are allows to use actions of Github.

• pr_checker.yml is using by mine with full checking tools. It will make sure every Go langauge pull requests will be buildable, testable, passed security checking and error-able code checking.
• pr_checker_simple.yml is more simpler with buildable, testable.

References:

• https://github.com/features/actions
• https://help.github.com/en/categories/automating-your-workflow-with-github-actions

hazcod

{"lastUpload":"2020-01-20T22:00:22.291Z","extensionVersion":"v3.4.3"}

luckylittle

Red Hat Security: Securing Containers & OpenShift (DO425)

Last update: Tue Jan 14 23:15:49 UTC 2020 by @luckylittle

---

Objectives

1. Understand, identify, and work with containerization features
2. Deploy a preconfigured application and identify crucial features such as namespaces, SELinux labels, and cgroups

DaanGeurts

#!/bin/bash

# Copyright © 2017 Google Inc.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software