Skip to content

Instantly share code, notes, and snippets.

Avatar
💭
25 years of paving open source roads

Public Profile lookfirst

💭
25 years of paving open source roads
View GitHub Profile
@chris-belcher
chris-belcher / coinswap-design.md
Last active Oct 13, 2021
Design for a CoinSwap Implementation for Massively Improving Bitcoin Privacy and Fungibility
View coinswap-design.md

Design for a CoinSwap Implementation for Massively Improving Bitcoin Privacy and Fungibility

25/5/2020

Abstract

Imagine a future where a user Alice has bitcoins and wants to send them with maximal privacy, so she creates a special kind of transaction. For anyone looking at the blockchain her transaction appears completely normal with her coins seemingly going from address A to address B. But in reality her coins end up in address Z which is entirely unconnected to either A or B.

Now imagine another user, Carol, who isn't too bothered by privacy and sends her bitcoin using a regular wallet which exists today. But because Carol's transaction looks exactly the same as Alice's, anybody analyzing the blockchain must now deal with the possibility that Carol's transaction actually sent her coins to a totally unconnected address. So Carol's privacy is improved even though she didn't change her behaviour, and perhaps had never even heard of this software.

@AndreaLanfranchi
AndreaLanfranchi / bootnodes
Created Feb 17, 2020
Ethash-ProgPoW 0.9.3.
View bootnodes
enode://8889269a8059832b6f25f3ef7f04e0aff25f0776d92e542a60f96b42f7bfb2616fcb98c842202ebba171c02bf429e3813192ab04c0ad741b22860184994ea748@3.126.167.52:30303
@IanColdwater
IanColdwater / twittermute.txt
Last active Oct 15, 2021
Here are some terms to mute on Twitter to clean your timeline up a bit.
View twittermute.txt
Mute these words in your settings here: https://twitter.com/settings/muted_keywords
ActivityTweet
generic_activity_highlights
generic_activity_momentsbreaking
RankedOrganicTweet
suggest_activity
suggest_activity_feed
suggest_activity_highlights
suggest_activity_tweet
@lizthegrey
lizthegrey / attributes.rb
Last active Oct 12, 2021
Hardening SSH with 2fa
View attributes.rb
default['sshd']['sshd_config']['AuthenticationMethods'] = 'publickey,keyboard-interactive:pam'
default['sshd']['sshd_config']['ChallengeResponseAuthentication'] = 'yes'
default['sshd']['sshd_config']['PasswordAuthentication'] = 'no'
@zombiezen
zombiezen / readctx.go
Last active Nov 30, 2020
Reading while respecting Context.Done
View readctx.go
// ctxReader adds timeouts and cancellation to a reader.
type ctxReader struct {
r io.Reader
ctx context.Context // set to change Context
// internal state
result chan readResult
pos, n int
err error
buf [1024]byte
View quick-tips-optimizing-jvm.md

Quick Tips for Fast Code on the JVM

I was talking to a coworker recently about general techniques that almost always form the core of any effort to write very fast, down-to-the-metal hot path code on the JVM, and they pointed out that there really isn't a particularly good place to go for this information. It occurred to me that, really, I had more or less picked up all of it by word of mouth and experience, and there just aren't any good reference sources on the topic. So… here's my word of mouth.

This is by no means a comprehensive gist. It's also important to understand that the techniques that I outline in here are not 100% absolute either. Performance on the JVM is an incredibly complicated subject, and while there are rules that almost always hold true, the "almost" remains very salient. Also, for many or even most applications, there will be other techniques that I'm not mentioning which will have a greater impact. JMH, Java Flight Recorder, and a good profiler are your very best friend! Mea

@EdOverflow
EdOverflow / github_bugbountyhunting.md
Last active Oct 17, 2021
My tips for finding security issues in GitHub projects.
View github_bugbountyhunting.md

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python githubcloner.py --org organization -o /tmp/output
@alekseykulikov
alekseykulikov / index.md
Last active Aug 8, 2020
Principles we use to write CSS for modern browsers
View index.md

Recently CSS has got a lot of negativity. But I would like to defend it and show, that with good naming convention CSS works pretty well.

My 3 developers team has just developed React.js application with 7668 lines of CSS (and just 2 !important). During one year of development we had 0 issues with CSS. No refactoring typos, no style leaks, no performance problems, possibly, it is the most stable part of our application.

Here are main principles we use to write CSS for modern (IE11+) browsers:

View gist:2fb7dc2199b0d4bf160364b8e557eb66
man() {
env \
LESS_TERMCAP_mb=$(printf "\e[1;31m") \
LESS_TERMCAP_md=$(printf "\e[1;31m") \
LESS_TERMCAP_me=$(printf "\e[0m") \
LESS_TERMCAP_se=$(printf "\e[0m") \
LESS_TERMCAP_so=$(printf "\e[1;44;33m") \
LESS_TERMCAP_ue=$(printf "\e[0m") \
LESS_TERMCAP_us=$(printf "\e[1;32m") \
man "$@"