leonklingele

@glebm
glebm / RenderWhitespace.md
Last active September 26, 2017 11:17
Render whitespace on GitHub

Run go install and

  • gogitlocalstats -add /path/to/folder will scan that folder and its subdirectories for repositories to scan
  • gogitlocalstats -email your@email.com will generate a CLI stats graph representing the last 6 months of activity for the passed email. You can configure the default in main.go, so you can run gogitlocalstats without parameters.

Being able to pass an email as a parameter makes it possible to scan repos for collaborators' activity as well.

License: CC BY-SA 4.0

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 and $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

@briansmith
briansmith / how-to-generate-and-use-private-keys-with-openssl-tool.md
Last active April 11, 2024 17:02
How to generate & use private keys using the OpenSSL command line tool

How to Generate & Use Private Keys using OpenSSL's Command Line Tool

These commands generate and use private keys in unencrypted binary (not Base64 “PEM”) PKCS#8 format. The PKCS#8 format is used here because it is the most interoperable format when dealing with software that isn't based on OpenSSL.

OpenSSL has a variety of commands that can be used to operate on private key files, some of which are specific to RSA (e.g. openssl rsa and openssl genrsa) or which have other limitations. Here we always use

@jkullick
jkullick / raspberry-pi-chroot-armv7-qemu.md
Last active March 24, 2024 14:36
Chroot into Raspberry Pi ARMv7 Image with Qemu
# install dependencies
apt-get install qemu qemu-user-static binfmt-support

# download raspbian image
wget https://downloads.raspberrypi.org/raspbian_latest

# extract raspbian image
unzip raspbian_latest
@atoponce
atoponce / gist:07d8d4c833873be2f68c34f9afc5a78a
Last active March 19, 2024 17:24 — forked from tqbf/gist:be58d2d39690c3b366ad
Cryptographic Best Practices

Cryptographic Best Practices

Putting cryptographic primitives together is a lot like putting a jigsaw puzzle together, where all the pieces are cut exactly the same way, but there is only one correct solution. Thankfully, there are some projects out there that are working hard to make sure developers are getting it right.

The following advice comes from years of research from leading security researchers, developers, and cryptographers. This Gist was forked from Thomas Ptacek's Gist to be more readable. Additions have been added from

@marick
marick / about_those_lava_lamps.md
Last active June 22, 2022 21:08
About Those Lava Lamps

Around 2006-2007, it was a bit of a fashion to hook lava lamps up to the build server. Normally, the green lava lamp would be on, but if the build failed, it would turn off and the red lava lamp would turn on.

By coincidence, I've actually met, about that time, (probably) the first person to hook up a lava lamp to a build server. It was Alberto Savoia, who'd founded a testing tools company (that did some very interesting things around generative testing that have basically never been noticed). Alberto had noticed that people did not react with any urgency when the build broke. They'd check in broken code and go off to something else, only reacting to the breakage they'd caused when some other programmer pulled the change and had problems.

@julz
julz / main.go
Created November 20, 2015 12:39
containersched minicontainer
package main
import (
"fmt"
"os"
"os/exec"
"syscall"
)
func main() {
@technion
technion / acme-client-runner.rb
Last active August 8, 2023 16:29
Runs Acme Client
#!/usr/bin/env ruby
# We're going to need a private key.
require 'openssl'
# Initialize the client
require 'acme/client'
# We need an ACME server to talk to, see github.com/letsencrypt/boulder
ENDPOINT = 'https://acme-v01.api.letsencrypt.org/'
#ENDPOINT = 'https://acme-staging.api.letsencrypt.org'
ACCOUNT_FILE = 'account_key.pem'
@AGWA
AGWA / cook_rsa_key.go
Last active April 13, 2021 15:36
Demonstrates that an RSA signature does not uniquely identify a public key.
/*
* Demonstrates that an RSA signature does not uniquely identify a public key.
* Given a signature, s, and a message m, it's possible to construct a new RSA key
* pair such that s is a valid signature for m under the new key pair.
*
* Requires Go version >= 1.5. Go <= 1.4 doesn't work due to a bug in the bignum
* package: https://github.com/golang/go/issues/9826
*
* Written in 2015 by Andrew Ayer <agwa@andrewayer.name>
*