Mike Bijon mbijon

@mbijon
mbijon / xss_clean.php
Last active Aug 31, 2022
XSS filtering in PHP (cleans various UTF encodings & nested exploits)
View xss_clean.php
<?php
/*
* XSS filter, recursively handles HTML tags & UTF encoding
* Optionally handles base64 encoding
*
* ***DEPRECATION RECOMMENDED*** Not updated or maintained since 2011
* A MAINTAINED & BETTER ALTERNATIVE => kses
* https://github.com/RichardVasquez/kses/
*
* This was built from numerous sources
@mbijon
mbijon / measure_img_similarity.py
Created Oct 20, 2019 — forked from duhaime/measure_img_similarity.py
Compare image similarity in Python using Structural Similarity, Pixel Comparisons, Wasserstein Distance (Earth Mover's Distance), and SIFT
View measure_img_similarity.py
import warnings
from skimage.measure import compare_ssim
from skimage.transform import resize
from scipy.stats import wasserstein_distance
from scipy.misc import imsave
from scipy.ndimage import imread
import numpy as np
import cv2
##
@mbijon
mbijon / fft.php
Last active Mar 11, 2022
Fast Fourier Transform in PHP
View fft.php
<?php
// !!! Warning: for reference, not debugged
###################################################################
# PHP_Fourier 0.03b
# Original Fortran source by Numerical Recipes
# PHP port by Mathew Binkley (binkleym@nukote.com)
###################################################################
View Windows Path Traversal Cheatsheet
Encoded Traversal Strings:
../
..\
..\/
%2e%2e%2f
%252e%252e%252f
%c0%ae%c0%ae%c0%af
%uff0e%uff0e%u2215
%uff0e%uff0e%u2216
@mbijon
mbijon / gist:7468011
Created Nov 14, 2013
spammer's comment-generation code, from: http://pastebin.com/y4NgSPut# (Accidentally posted in comment thread instead of fake comment...)
View gist:7468011
{
{I have|I’ve} been {surfing|browsing} online more than {three|3|2|4} hours today,
yet I never found any interesting article like yours. {It’s|It is}
pretty worth enough for me. {In my opinion|Personally|In my view},
if all {webmasters|site owners|website owners|web owners} and bloggers
made good content as you did, the {internet|net|web} will be {much
more|a lot more} useful than ever before.|
I {couldn’t|could not} {resist|refrain from} commenting.
{Very well|Perfectly|Well|Exceptionally well} written!|
{I will|I’ll} {right away|immediately} {take hold of|grab|clutch|grasp|seize|snatch} your {rss|rss feed} as I {can not|can’t} {in finding|find|to
@mbijon
mbijon / nginx.conf
Last active Jan 26, 2022 — forked from Stanback/nginx.conf
Nginx CORS-support for proxied Grape/Rails/Passenger APIs
View nginx.conf
#
# CORS-header support example while nginx proxies Rails/Grape + Passenger
# ...not a complete config file
#
server {
    listen 443 ssl;
    root /foo/public;
    # Modify for API-specific
    try_files $uri/index.html $uri @passenger;
@mbijon
mbijon / class-search.php
Created Dec 11, 2015 — forked from arsonus/class-search.php
A PHP script to search a MySQL database
View class-search.php
<?php
/**
* Performs a search
*
* This class is used to perform search functions in a MySQL database
*
* @version 1.0
* @author John Morris <support@johnmorrisonline.com>
*/
class search {
@mbijon
mbijon / algol_svd.py
Created Jan 29, 2016
Almost exact translation of the ALGOL SVD algorithm published in Numer. Math. 14, 403-420 (1970) by G. H. Golub and C. Reinsch -- http://161.111.227.80/compbio/material/algoritmos3D/files/SVD.py
View algol_svd.py
# Almost exact translation of the ALGOL SVD algorithm published in
# Numer. Math. 14, 403-420 (1970) by G. H. Golub and C. Reinsch
#
# Copyright (c) 2005 by Thomas R. Metcalf, helicity314-stitch <at> yahoo <dot> com
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
@mbijon
mbijon / disable-xss-auditor.sh
Created Sep 19, 2016
CLI command to start Chrome with XSS Auditor disabled. Use for XSS/security testing
View disable-xss-auditor.sh
'/Applications/Google Chrome.app/Contents/MacOS/Google Chrome' --disable-xss-auditor --enable-devtools-experiments --disable-features=enable-automatic-password-saving
@mbijon
mbijon / wordpress-remove-media_buttons.php
Last active Jul 27, 2021
Remove 'Add Media' button from above WP editor, per post-type
View wordpress-remove-media_buttons.php
function check_post_type_and_remove_media_buttons() {
    global $current_screen;
    // Use 'post', 'page' or 'custom-post-type-name'
    if ( 'post' == $current_screen->post_type ) {
        // A closure replaces create_function(), which was removed in PHP 8.0
        add_action( 'media_buttons_context', function () { return; } );
    }
}
add_action( 'admin_head', 'check_post_type_and_remove_media_buttons' );