Anh Tran (Adrian) itsjef
@itsjef
itsjef / slim-redux.js
Created April 26, 2016 20:32 — forked from gaearon/slim-redux.js
Redux without the sanity checks in a single file. Don't use this, use normal Redux. :-)
function mapValues(obj, fn) {
return Object.keys(obj).reduce((result, key) => {
result[key] = fn(obj[key], key);
return result;
}, {});
}
function pick(obj, fn) {
return Object.keys(obj).reduce((result, key) => {
if (fn(obj[key])) {
@itsjef
itsjef / Oauth2.md
Created June 22, 2016 17:33 — forked from mziwisky/Oauth2.md
Oauth2 Explanation

OAUTH2

The Problem

I’m a web app that wants to allow other web apps access to my users’ information, but I want to ensure that the user says it’s ok.

The Solution

I can’t trust the other web apps, so I must interact with my users directly. I’ll let them know that the other app is trying to get their info, and ask whether they want to grant that permission. Oauth defines a way to initiate that permission verification from the other app’s site so that the user experience is smooth. If the user grants permission, I issue an AuthToken to the other app which it can use to make requests for that user's info.

Note on encryption

Oauth2 has nothing to do with encryption -- it relies upon SSL to keep things (like the client app’s shared_secret) secure.

@itsjef
itsjef / introrx.md
Created May 23, 2017 03:30 — forked from staltz/introrx.md
The introduction to Reactive Programming you've been missing
@itsjef
itsjef / github_bugbountyhunting.md
Created October 9, 2017 17:19 — forked from EdOverflow/github_bugbountyhunting.md
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. In this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output

MicroService Proxy Gateway Solutions

Kong, Traefik, Caddy, Linkerd, Fabio, Vulcand, and Netflix Zuul seem to be the most common microservice proxy/gateway solutions. Kubernetes Ingress is often a simple Nginx, whose popularity is difficult to separate from its other uses.

Github Star Trend:

Github Star History for Kong vs traefik vs fabio vs caddy vs Zuul

This is just a picture of this link from Feb

@itsjef
itsjef / tmux-cheatsheet.markdown
Created August 23, 2018 04:22 — forked from MohamedAlaa/tmux-cheatsheet.markdown
tmux shortcuts & cheatsheet

start new:

tmux

start new with session name:

tmux new -s myname
@itsjef
itsjef / .gitattributes
Created August 30, 2019 03:23 — forked from scivision/.gitattributes
End CRLF line ending hell for Windows + Cygwin or WSL and any other OS https://www.scivision.dev/git-line-endings-windows-cygwin-wsl/
.gitattributes text eol=lf
.gitignore text eol=lf
*.build text eol=lf
*.c text eol=lf
*.cmake text eol=lf
*.cpp text eol=lf
*.csv text eol=lf
*.f text eol=lf
*.f90 text eol=lf
*.for text eol=lf