Skip to content

Instantly share code, notes, and snippets.

View kennwhite's full-sized avatar

Kenn White kennwhite

66 followers · 3 following
View GitHub Profile
@kennwhite
kennwhite / monterey_hidden_files.sh
Created September 4, 2022 02:33
Permanently show hidden files in MacOS Monterey including Sublime Text
# To change the default Finder behavior and actually show hidden files/directories
defaults write com.apple.finder AppleShowAllFiles -boolean true; killall Finder
# To make the Sublime 4 (Build 4126 at time of writing) File Open dialog boxes to also show hidden files
defaults write com.sublimetext.4 AppleShowAllFiles -bool true
@kennwhite
kennwhite / 1944_OSS_Simple_Sabotage_Field_Manual.md
Last active April 5, 2024 02:51
1944 OSS Simple Sabotage Field Manual
@kennwhite
kennwhite / vpn_psk_bingo.md
Last active February 24, 2024 12:19
Most VPN Services are Terrible

Most VPN Services are Terrible

Short version: I strongly do not recommend using any of these providers. You are, of course, free to use whatever you like. My TL;DR advice: Roll your own and use Algo or Streisand. For messaging & voice, use Signal. For increased anonymity, use Tor for desktop (though recognize that doing so may actually put you at greater risk), and Onion Browser for mobile.

This mini-rant came on the heels of an interesting twitter discussion: https://twitter.com/kennwhite/status/591074055018582016

@kennwhite
kennwhite / VS_Code_go_debugging.md
Last active February 9, 2024 21:29
Setting up VS Code and Golang with debug & build flag (-tags foo) support

Setting up VS Code and Golang with debug & build flag (-tags foo) support

This is the setup that worked for me after half a day of hacking around and chasing rabbit holes down old forum posts and open & closed Github issues.

Problem: While Go integration with VS Code is pretty slick in general, I needed to pass compile-time build flags, e.g., -tags foo[^1] to go build and go run directives, and I wanted to be able to properly debug with breakpoints etc. While there are some promising tutorials out there like this on Digital Ocean and on Log Rocket it turned out that one of the first things they both say to do is add the Delve extension to VS Code,

@kennwhite
kennwhite / test_ciphers_with_certs.sh
Created May 15, 2018 17:37
Test advertised ciphersuites from a TLS-enabled server
#!/usr/bin/env bash
#
# By Romeo Ninov: https://superuser.com/a/224263
#
# OpenSSL requires the port number.
SERVER=$1
DELAY=1
ciphers=$(openssl ciphers 'ALL:eNULL' | sed -e 's/:/ /g')
@kennwhite
kennwhite / build_mongodb_from_source_debian_11.sh
Last active February 7, 2024 06:04
Reproducibly build MongoDB (7.0.0-rc0) from source on Debian 11 Bullseye
# Reproducible Debian 11 install steps for mongod v. 7.0.0 (defaults to gcc/g++ v 12, not 11, which requires more steps)
# NOT MEANT AS A TRUE SCRIPT -- SOME INTERACTION IS REQUIRED FROM PROMPTS
# DO NOT DO run apt get autoremove !!!
#
# THIS IN NO WAY IS OFFICIAL, OR REPRESENTS MongoDB Inc. USE AT YOUR OWN RISK
#
# Get ami # for Debian 11 Bullseye, from: https://wiki.debian.org/Cloud/AmazonEC2Image/Bullseye
echo 'deb http://http.us.debian.org/debian/ testing non-free contrib main' | sudo tee -a /etc/apt/sources.list >/dev/null
sudo apt -y update
@kennwhite
kennwhite / multi_key_crypto.sh
Last active January 16, 2024 15:47
OpenSSL command line recipe for multi-public key file encryption. Any single private key paired to one of the public keys can decrypt the file.
#!/usr/bin/env bash
#
# Example of multiple key AES encryption for text files using the openssl v. 0.9.8+ command line utility
# Uses n public certs as key for MIME PKCS envelope, any individual private key can decrypt.
#
# If standard RSA ssh keys exist, these can be converted to public certs as well (and ssh keys can decrypt)
#
# To sign (and verify) the encrypted file, one of the private keys is required, see:
# http://www.openssl.org/docs/apps/smime.html#EXAMPLES for openssl smime examples
# or http://www.openssl.org/docs/apps/cms.html#EXAMPLES for cms utility (OpenSSL v. 1.0+)
@kennwhite
kennwhite / https.go
Last active December 24, 2023 22:06
Simple https http/2 static web server with HSTS & CSP (A+ SSLLabs & securityheaders.io rating) in Go using LetsEncrypt acme autocert
package main
import (
"crypto/tls"
"golang.org/x/crypto/acme/autocert"
"log"
"net"
"net/http"
)
@kennwhite
kennwhite / mongo_redhat_cent_7_install.sh
Last active December 16, 2023 03:22
Install latest MongoDB on RedHat/CentOS 7
#!/bin/bash
# Simple install script for stock RedHat/CentOS 7.x
# Allows yum update to pull security & other fixes automatically from MongoDB.com's repos
# (versus ancient packages in Red Hat/Cent repos)
# To completely purge all remnants of Mongo (repo conf, rpms, yum cache, DB files, kernel tweaks:
# sudo service mongod stop ; sudo rm -rf /etc/yum.repos.d/mongo* ; sudo rm -rf /var/lib/mongo/* ; sudo sed -i.`date +%Y-%m-%d_%H-%M-%S`.bak '/^#.*$/!d' /etc/rc.d/rc.local ; sudo rm -rf /var/cach/yum ; sudo yum -y clean all ; sudo yum -y remove mongodb*
# Sanity check - are we on a RH family distro?
[ -f "/etc/redhat-release" ] || { echo -e "This script requires RedHat or CentOS. Quitting. \n"; exit 1 ;}
@kennwhite
kennwhite / Dockerfile
Last active October 4, 2023 09:04
MongoDB .NET Alpine Dockerfile CSFLE example (MSFT's Alpine SDK image and Alpine's official image)
# syntax=docker/dockerfile:1
FROM mcr.microsoft.com/dotnet/sdk:6.0-alpine3.15
# FROM alpine:3.15
#
ENV MDB_CONN_STR="mongodb+srv://user:password@clusterX.XXX.mongodb.net/test?retryWrites=true&w=majority"
#
RUN apk update
RUN apk add git make cmake g++ libbson-static musl-dev libc-dev openssl openssl-dev py3-pip icu-dev bash nano coreutils
RUN mkdir -p /code/app
WORKDIR /code/app