Skip to content

Instantly share code, notes, and snippets.

View itsjef's full-sized avatar

Anh Tran (Adrian) itsjef

20 followers · 10 following
View GitHub Profile
@EdOverflow
EdOverflow / github_bugbountyhunting.md
Last active June 23, 2024 20:29
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
@ankurk91
ankurk91 / github_gpg_key.md
Last active June 7, 2024 14:31
Signing git commits using GPG (Ubuntu/Mac)

Github : Signing commits using GPG (Ubuntu/Mac) 🔐

  • Do you have an Github account ? If not create one.
  • Install required tools
  • Latest Git Client
  • gpg tools
# Ubuntu
sudo apt-get install gpa seahorse
# MacOS with https://brew.sh/
@gaearon
gaearon / slim-redux.js
Last active May 5, 2024 15:14
Redux without the sanity checks in a single file. Don't use this, use normal Redux. :-)
function mapValues(obj, fn) {
return Object.keys(obj).reduce((result, key) => {
result[key] = fn(obj[key], key);
return result;
}, {});
}
function pick(obj, fn) {
return Object.keys(obj).reduce((result, key) => {
if (fn(obj[key])) {
@n3zukochan
n3zukochan / Website checklist.md
Last active September 19, 2015 06:39
This is a checklist for any simple website before launching. This checklist is a simple version of the checklist I got from guide.co

Website checklist

Standards And Validation

  • Check your code: Remember to validate your code
  • Validate that all of your forms are working: Check any automatic emails for spelling mistakes and that it looks good on all email clients. Also, it's a great idea to add a link to social networks on all of your touchpoints.
  • Check your site on multiple browsers: Firefox, Chrome, Safari and IE or Edge(LOL)
  • Check your site on mobile: Mobile site checking

Website SEO

  • Check your keywords: Ensure you have your meta description in place, and that any keywords are suitable for the site
  • Check your titles: A popular structure for page titles is: Name of my page | websitename
@staltz
staltz / introrx.md
Last active July 25, 2024 16:52
The introduction to Reactive Programming you've been missing
@mziwisky
mziwisky / Oauth2.md
Last active February 15, 2024 23:31
Oauth2 Explanation

OAUTH2

The Problem

I’m a web app that wants to allow other web apps access to my users’ information, but I want to ensure that the user says it’s ok.

The Solution

I can’t trust the other web apps, so I must interact with my users directly. I’ll let them know that the other app is trying to get their info, and ask whether they want to grant that permission. Oauth defines a way to initiate that permission verification from the other app’s site so that the user experience is smooth. If the user grants permission, I issue an AuthToken to the other app which it can use to make requests for that user's info.

Note on encryption

Oauth2 has nothing to do with encryption -- it relies upon SSL to keep things (like the client app’s shared_secret) secure.

@debasishg
debasishg / gist:8172796
Last active July 5, 2024 11:53
A collection of links for streaming algorithms and data structures

General Background and Overview

  1. Probabilistic Data Structures for Web Analytics and Data Mining : A great overview of the space of probabilistic data structures and how they are used in approximation algorithm implementation.
  2. Models and Issues in Data Stream Systems
  3. Philippe Flajolet’s contribution to streaming algorithms : A presentation by Jérémie Lumbroso that visits some of the hostorical perspectives and how it all began with Flajolet
  4. Approximate Frequency Counts over Data Streams by Gurmeet Singh Manku & Rajeev Motwani : One of the early papers on the subject.
  5. [Methods for Finding Frequent Items in Data Streams](http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.187.9800&rep=rep1&t
@iros
iros / API.md
Created August 22, 2012 14:42
Documenting your REST API

Title

<Additional information about your API call. Try to use verbs that match both request type (fetching vs modifying) and plurality (one vs multiple).>

  • URL

    <The URL Structure (path only, no root url)>

  • Method:

@ibeex
ibeex / foo.log
Created August 4, 2012 13:46
Flask logging example
A warning occurred (42 apples)
An error occurred
@MohamedAlaa
MohamedAlaa / tmux-cheatsheet.markdown
Last active July 24, 2024 17:56
tmux shortcuts & cheatsheet

tmux shortcuts & cheatsheet

start new:

tmux

start new with session name:

tmux new -s myname