This guide is unmaintained and was created for a specific workshop in 2017. It remains as a legacy reference. Use at your own risk.
Workshop Instructor:
- Lilly Ryan @attacus_au
This workshop is distributed under a CC BY-SA 4.0 license.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # IMPORTANT! | |
| # This gist has been transformed into a github repo | |
| # You can find the most recent version there: | |
| # https://github.com/Neo23x0/auditd | |
| # ___ ___ __ __ | |
| # / | __ ______/ (_) /_____/ / | |
| # / /| |/ / / / __ / / __/ __ / | |
| # / ___ / /_/ / /_/ / / /_/ /_/ / | |
| # /_/ |_\__,_/\__,_/_/\__/\__,_/ |
chrismdp
/ s3.sh
Last active
March 5, 2024 12:57
Uploading to S3 in 18 lines of Shell (used to upload builds for http://soltrader.net)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # You don't need Fog in Ruby or some other library to upload to S3 -- shell works perfectly fine | |
| # This is how I upload my new Sol Trader builds (http://soltrader.net) | |
| # Based on a modified script from here: http://tmont.com/blargh/2014/1/uploading-to-s3-in-bash | |
| S3KEY="my aws key" | |
| S3SECRET="my aws secret" # pass these in | |
| function putS3 | |
| { | |
| path=$1 |
attacus
/ riot-matrix-workshop.md
Last active
March 13, 2024 00:16
Create your own encrypted chat server with Riot and Matrix
When hosting our web applications, we often have one public IP
address (i.e., an IP address visible to the outside world)
using which we want to host multiple web apps. For example, one
may wants to host three different web apps respectively for
example1.com, example2.com, and example1.com/images on
the same machine using a single IP address.
How can we do that? Well, the good news is Internet browsers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 下述密码均摘自互联网 | |
| 【字母表顺序】-数字 | |
| 加密的时候,经常要把A~Z这26个字母转换成数字,最常见的一种方法就是取字母表中的数字序号。A代表1,B代表2,C代表3... | |
| 字母 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z | |
| 数字 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 | |
chrisboulton
/ ip_blacklist.lua
Last active
April 2, 2024 10:43
Redis based IP blacklist for Nginx (LUA)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -- a quick LUA access script for nginx to check IP addresses against an | |
| -- `ip_blacklist` set in Redis, and if a match is found send a HTTP 403. | |
| -- | |
| -- allows for a common blacklist to be shared between a bunch of nginx | |
| -- web servers using a remote redis instance. lookups are cached for a | |
| -- configurable period of time. | |
| -- | |
| -- block an ip: | |
| -- redis-cli SADD ip_blacklist 10.1.1.1 | |
| -- remove an ip: |
tegansnyder
/ Preventing-Puppeteer-Detection.md
Created
February 23, 2018 02:41
Preventing Puppeteer Detection
I’m looking for any tips or tricks for making chrome headless mode less detectable. Here is what I’ve done so far:
Set my args as follows:
const run = (async () => {
const args = [
'--no-sandbox',
'--disable-setuid-sandbox',
'--disable-infobars',
MBrassey
/ Match_Addresses.md
Last active
April 11, 2024 12:44
Match Crypto Wallet Addresses (REGEX)
The following regular expressions are crafted to match some commonly used cryptocurrency wallet address types. This document details the Regex components and pattern tests to match Ethereum, Bitcoin, Dash and Monero addresses.
/^0x[a-fA-F0-9]{40}$/g
h4x0r-dz
/ Generic keys
Created
May 5, 2022 09:15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (?i)((access_key|access_token|admin_pass|admin_user|algolia_admin_key|algolia_api_key|alias_pass|alicloud_access_key|amazon_secret_access_key|amazonaws|ansible_vault_password|aos_key|api_key|api_key_secret|api_key_sid|api_secret|api.googlemaps AIza|apidocs|apikey|apiSecret|app_debug|app_id|app_key|app_log_level|app_secret|appkey|appkeysecret|application_key|appsecret|appspot|auth_token|authorizationToken|authsecret|aws_access|aws_access_key_id|aws_bucket|aws_key|aws_secret|aws_secret_key|aws_token|AWSSecretKey|b2_app_key|bashrc password|bintray_apikey|bintray_gpg_password|bintray_key|bintraykey|bluemix_api_key|bluemix_pass|browserstack_access_key|bucket_password|bucketeer_aws_access_key_id|bucketeer_aws_secret_access_key|built_branch_deploy_key|bx_password|cache_driver|cache_s3_secret_key|cattle_access_key|cattle_secret_key|certificate_password|ci_deploy_password|client_secret|client_zpk_secret_key|clojars_password|cloud_api_key|cloud_watch_aws_access_key|cloudant_password|cloudflare_api_key|cloudflare_auth_k |
Neo23x0
/ yara_performance_guidelines.md
Last active
April 30, 2024 10:39
YARA Performance Guidelines
This Gist has been transfered into a Github Repo. You'll find the most recent version here.
When creating your rules for YARA keep in mind the following guidelines in order to get the best performance from them. This guide is based on ideas and recommendations by Victor M. Alvarez and WXS.
- Revision 1.4, October 2020, applies to all YARA versions higher than 3.7