mkropat
/ Android-Apps.md
Created
September 3, 2018 19:23
mkropat
/ boilerplate.html
Created
June 23, 2018 22:45
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html lang="en"> | |
| <head> | |
| <meta charset="utf-8"> | |
| <meta name="viewport" content="width=device-width, initial-scale=1"> | |
| <meta http-equiv="X-UA-Compatible" content="ie=edge"> | |
| <title>PAGE TITLE</title> | |
| </head> | |
| <body> |
mkropat
/ imapsync-ubuntu-howto.md
Last active
June 23, 2018 22:39
Some (possibly incomplete) notes on how to install and use imapsync.
sudo apt install -y build-essential cpanimus libperl-dev libssl-dev
mkropat
/ Clean-LocalBranches.ps1
Last active
August 20, 2018 16:20
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| git branch --merged | foreach Trim | sls -NotMatch -Pattern '^[*]|\bmaster$' | foreach { git branch -d $_ } |
mkropat
/ Async-Processing-Nomenclature.md
Last active
April 25, 2018 17:59
When your API returns a 202 Accepted, what do you call the endpoint URL that lets consumers query the status of the request?
| URL | Examples |
|---|---|
| /job/ID | [[1]][restalk] |
| /ENTITY/jobs/ID | [[1]][rapis] |
| /monitor/ID | [[1]][james-snell] |
| /operations/ID | [[1]][microsoft] |
| /queue/ID | [[1]][restcookbook] [[2]][victor-farazdagi] |
| /queue/requests/ID | [[1]][paypal] |
mkropat
/ Attacking-OpenIDConnect.md
Last active
November 11, 2021 02:44
- Doesn't validate signature? → Forge arbitrary JWTs
- Acts on data in payload before validating signature? → Forge arbitrary JWTs
- Doesn't validate signature algorithm? → Forge JWT with algorithm
"none" - Doesn't validate key↔algorithm match? → Create
HS256signature signed with expected public key - Doesn't validate audience? → Trick victim to sign in to evil app, then use creds to auth to vulnerable app as victim
- Doesn't validate issuer? → Use JWT for one tenant to authenticate to a different tenant
- Doesn't validate nonce? → Replay attack
- Doesn't validate nonce/state against original sent value? → CSRF
mkropat
/ TimeSpan-Parse-Study.linq
Created
February 20, 2018 20:00
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <Query Kind="Program" /> | |
| void Main() | |
| { | |
| Format("00:00:00"); | |
| Format("00:00:01"); | |
| Format("23:59:00"); | |
| Format("24:00:00"); | |
| Format("24:00:01"); | |
| Format("1.00:00:00"); |
mkropat
/ Chrome-Setup.md
Last active
September 2, 2018 20:52
Go to duckduckgo.com and install the add-on.
- Disable AutoFill
- Disable Password saving
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ; Moved to https://github.com/mkropat/dotfiles/blob/master/.vimrc |
mkropat
/ signed-vs-unsigned.linq
Created
January 21, 2018 22:17
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <Query Kind="Program" /> | |
| void Main() | |
| { | |
| Console.WriteLine($" {"value"} {"short",cs} {"ushort->short",cs} {"short->int",cs} {"ushort",cs} {"short->ushort",cs} {"ushort->int",cs} notes"); | |
| PrintShort(new byte[] { 0x00, 0x00 }); | |
| PrintShort(new byte[] { 0x00, 0x01 }); | |
| PrintShort(new byte[] { 0x7f, 0xfe }); | |
| PrintShort(new byte[] { 0x7f, 0xff }); | |
| PrintShort(new byte[] { 0x80, 0x00 }); |