@wilsaj
wilsaj / flaskplotlib.py
Created March 9, 2011 13:09
Example of rendering a matplotlib image directly to Flask view
from flask import Flask, make_response
app = Flask(__name__)

@app.route("/simple.png")
def simple():
    import datetime
    import StringIO
    import random

    from matplotlib.backends.backend_agg import FigureCanvasAgg as FigureCanvas
@denik
denik / ServerRack.py
Created June 5, 2011 09:31
class for managing multiple servers in gevent
# Class for managing multiple servers or anything with start() and stop() methods

class ServerRack(object):

    def __init__(self, servers):
        self.servers = servers

    def start(self):
        started = []
        try:
@n1k0
n1k0 / test.js
Created September 10, 2011 15:28
PhantomJS, arraybuffer and obsolete webkit version :(
var page = new WebPage();
page.open('http://www.google.fr/', function(status) {
    var base64 = page.evaluate(function() {
        function base64ArrayBuffer(arrayBuffer) {
            var base64 = ''
            var encodings = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'
            var bytes = new Uint8Array(arrayBuffer)
            var byteLength = bytes.byteLength
            var byteRemainder = byteLength % 3
            var mainLength = byteLength - byteRemainder
@jboner
jboner / latency.txt
Last active April 23, 2024 17:34
Latency Numbers Every Programmer Should Know
Latency Comparison Numbers (~2012)
----------------------------------
L1 cache reference                           0.5 ns
Branch mispredict                            5   ns
L2 cache reference                           7   ns                      14x L1 cache
Mutex lock/unlock                           25   ns
Main memory reference                      100   ns                      20x L2 cache, 200x L1 cache
Compress 1K bytes with Zippy             3,000   ns        3 us
Send 1K bytes over 1 Gbps network       10,000   ns       10 us
Read 4K randomly from SSD*             150,000   ns      150 us          ~1GB/sec SSD
@postmodern
postmodern / rails_rce.rb
Last active July 17, 2023 11:54
Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0156)
#!/usr/bin/env ruby
#
# Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0156)
#
# ## Advisory
#
# https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
#
# ## Caveats
#
@markpundsack
markpundsack / heroku-CVE-2013-0156.rb
Last active November 27, 2023 15:44 — forked from elliottkember/heroku-CVE-2013-0156.rb
Forked from https://gist.github.com/4489689 by elliottkember. CVE-2013-0156 is a nasty vulnerability in many versions of Rails. This script checks all your Heroku apps for this vulnerability in one quick (slow) move. More info: https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
## The quick-and-nasty CVE-2013-0156 Heroku inspector!
## Originally brought to you by @elliottkember with changes by @markpundsack @ Heroku
## Download and run using:
## ruby heroku-CVE-2013-0156.rb
`heroku list`.split("\n").each do |app|
  app = app.strip
  # Some "heroku apps" lines have === formatting for grouping. They're not apps.
  next if app[0..2] == "==="
----------------------------
#<ProbablyWorthWatching::Tweet:0x00000004cfbf30 @author="kanzure_", @content="http://www.youtube.com/watch?v=3N0kWzC6jmE&feature=related Lecture - 2 Architecture of Industrial Automation Systems">
title: Lecture - 2 Architecture of Industrial Automation Systems
description: Lecture Series on Industrial Automation and Control by Prof. S. Mukhopadhyay, Department of Electrical Engineering, IIT Kharagpur. For more Courses visit http://nptel.iitm.ac.in
url: http://www.youtube.com/v/3N0kWzC6jmE&feature=youtube_gdata_player
----------
#<ProbablyWorthWatching::Tweet:0x00000004d026a0 @author="kanzure_", @content="http://www.youtube.com/watch?v=PirH8PADDgQ the ad">
title: Koyaanisqatsi (trailer)
description: Trailer do filme Koyaanisqatsi

This is a review of "Quantitative Analysis of the Full Bitcoin Transaction Graph" by Dorit Ron and Adi Shamir.

There are some incorrect details and analyses that warrant attention.

Oct. 31 UPDATE

The authors have introduced several revisions to their paper, available at the same URL as before.

The criticism below may be outdated in part or in full.

@dnordberg
dnordberg / api_docs.py
Last active May 9, 2016 22:43
Generate Swagger documentation stubs for flask-restless.
# Script used to help generate Swagger docs.
import re
import os
import argparse
import urlparse
import simplejson
from collections import defaultdict
from sqlalchemy.ext.declarative.api import DeclarativeMeta
@epixoip
epixoip / cloudflare_challenge
Last active December 2, 2023 11:53
How I obtained the private key for www.cloudflarechallenge.com
I wasn't first to get the key. Nor was I second, third, or even fourth. I'm probably not even the
10th to get it (ok, looks like I was the 8th.) But I'm happy that I was able to prove to myself
that I too could do it.
First, I have to admit I was a skeptic. Like the handful of other dissenters, I had initially
believed that it would be highly improbable under normal conditions to obtain the private key
through exploiting Heartbleed. So this was my motivation for participating in Cloudflare's
challenge. I had extracted a lot of other things with Heartbleed, but I hadn't actually set out to
extract private keys. So I wanted to see first-hand if it was possible or not.