Skip to content

Instantly share code, notes, and snippets.

View jmingov's full-sized avatar

3boll jmingov

109 followers · 61 following
View GitHub Profile
@jmingov
jmingov / web server log analysis cheat sheet
Created September 7, 2021 18:47 — forked from hvelarde/web server log analysis cheat sheet
# get total requests by status code
awk '{print $9}' /var/log/nginx/access.log | sort | uniq -c | sort -rn
# get top requesters by IP
awk '{print $1}' /var/log/nginx/access.log | sort | uniq -c | sort -rn | head | awk -v OFS='\t' '{"host " $2 | getline ip; print $0, ip}'
# get top requesters by user agent
awk -F'"' '{print $6}' /var/log/nginx/access.log | sort | uniq -c | sort -rn | head
# get top requests by URL
@jmingov
jmingov / load_dotenv.sh
Created July 9, 2021 10:54 — forked from mihow/load_dotenv.sh
Load environment variables from dotenv / .env file in Bash
if [ ! -f .env ]
then
export $(cat .env | xargs)
fi
@jmingov
jmingov / system.rs
Created April 2, 2021 01:36 — forked from ArtemGr/system.rs
Read lines from a pipe as soon as they come out (useful for filtering).
#![feature(mpsc_select, box_syntax)]
use std::io;
use std::process::Command;
use std::sync::mpsc::{channel, Receiver, Select};
use std::string::FromUtf8Error;
use std::thread::spawn;
#[derive(Debug)]
enum PipeError {
@jmingov
jmingov / Users.php
Last active July 3, 2020 23:21
CI4 VALIDATION BUG
<?php
namespace App\Controllers;
use CodeIgniter\Controller;
use Config\Services;
class Users extends Controller
{
public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
@jmingov
jmingov / Session.php
Created May 13, 2020 21:57 — forked from Nilpo/Session.php
A simple session wrapper class to provide static OOP access to PHP sessions.
<?php
/**
* Session Helper Class
*
* A simple session wrapper class.
*
* Recommended for use with PHP 5.4.0 or higher. (Not required.)
*
* Usage Example:
@jmingov
jmingov / ppwt2.go
Last active June 18, 2018 21:04 — forked from neon520/ppwt2.go
package main
import (
"fmt"
"log"
"math/rand"
"time"
)
type Threader struct {
@jmingov
jmingov / ppwt2.go
Created June 10, 2018 17:05
package main
import (
"log"
"math/rand"
"time"
)
type Threader struct {
TIME_LIMIT time.Time
@jmingov
jmingov / ppwt.go
Last active June 5, 2018 20:26
package main
import (
"log"
"math/rand"
"time"
)
const TIME_LIMIT = time.Second
@jmingov
jmingov / github_bugbountyhunting.md
Created October 8, 2017 10:59 — forked from EdOverflow/github_bugbountyhunting.md
My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
@jmingov
jmingov / keybase.md
Created September 19, 2017 10:53

Keybase proof

I hereby claim:

  • I am jmingov on github.
  • I am jmingov (https://keybase.io/jmingov) on keybase.
  • I have a public key ASAxR_iU1Is4AVZAqUAAhtCEzjiWePkYXMcoTKlwODVwNAo

To claim this, I am signing this object: