bshamric

var fs = require('fs');

//this is the path that QTNetwork classes uses for caching files for it's http client
//the path should be the one that has 16 folders labeled 0,1,2,3,...,F
exports.cachePath = '/path/to/phantomjs/cache/data/folder';

//this is the extension used for files in the cache path
exports.cacheExtension = "d";

//the resources that are to be saved

hubgit

Anonymising PDFs

PDF metadata

Metadata in PDF files can be stored in at least two places:

• the Info Dictionary, a limited set of key/value pairs
• XMP packets, which contain RDF statements expressed as XML

PDF files

hwdsl2

List of malware collected in my Kippo SSH Honeypot

This Gist summarizes all malware collected in my Kippo SSH Honeypot from June 2013 to present.

Last updated: March 1, 2016

Link to my blog article with detailed information

Kippo SSH Honeypot (GitHub)

↓  ↓  ↓ Scroll down for the list ↓  ↓  ↓

kwk

.PHONY: using-gcc using-gcc-static using-clang

using-gcc:
	g++-4.8 -o main-gcc -lasan -O -g -fsanitize=address -fno-omit-frame-pointer main.cpp && \
	ASAN_OPTIONS=symbolize=1 ASAN_SYMBOLIZER_PATH=$(shell which llvm-symbolizer) ./main-gcc

using-gcc-static:
	g++-4.8 -o main-gcc-static -static-libstdc++ -static-libasan -O -g -fsanitize=address -fno-omit-frame-pointer main.cpp && \
	ASAN_OPTIONS=symbolize=1 ASAN_SYMBOLIZER_PATH=$(shell which llvm-symbolizer) ./main-gcc-static

joepie91

Don't use VPN services.

No, seriously, don't. You're probably reading this because you've asked what VPN service to use, and this is the answer.

Note: The content in this post does not apply to using VPN for their intended purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does.

• A Russian translation of this article can be found here, contributed by Timur Demin.
• A Turkish translation can be found here, contributed by agyild.
• There's also this article about VPN services, which is honestly better written (and has more cat pictures!) than my article.

jult

#!/bin/sh

# This script runs every other night at 04:56 CET on a webserver I maintain
# Results are always at: https://jult.net/block.txt ( or https://jult.net/block.txt.gz )
# And much smaller, stripped of BS; https://jult.net/bloc.txt
# For use in Tixati IP filter: https://jult.net/bloc.txt.gz !!!
# And finally a txt file with just the bold IP-ranges: https://jult.net/bl.txt (or https://jult.net/bl.txt.gz )

# Download open block-lists, unpack, filter:
curl -s https://www.iblocklist.com/lists.php | grep -A 2 Bluetack | xargs wget -qO - --limit-rate=500k | gunzip -f | egrep -v '^#' > /tmp/xbp

baxeico

from django.http import HttpResponse

class AllowCORSMixin(object):

    def add_access_control_headers(self, response):
        response["Access-Control-Allow-Origin"] = "*"
        response["Access-Control-Allow-Methods"] = "GET, OPTIONS"
        response["Access-Control-Max-Age"] = "1000"
        response["Access-Control-Allow-Headers"] = "X-Requested-With, Content-Type"

ageis

security and hardening options for systemd service units

A common and reliable pattern in service unit files is thus:

NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
DevicePolicy=closed
ProtectSystem=strict

hasherezade

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
@="Rundll32.exe SHELL32.DLL,ShellExec_RunDLL \"C:\\ProgramData\\test.exe\""

sapran

Prerequisites

(Preferably) Use a VPN

• AlgoVPN https://github.com/trailofbits/algo
• OpenVPN (AS) https://openvpn.net/index.php/access-server/overview.html
• 3rd party service, e.g. ProtonVPN https://protonvpn.com

Install a proxy tool of choise

• OWASP ZAP https://github.com/zaproxy/zaproxy/wiki/Downloads
• BurpSuite https://portswigger.net/burp/communitydownload