Skip to content

Instantly share code, notes, and snippets.

View nu11secur1ty's full-sized avatar
:octocat:
root@kali:~# 🐫Perl

nu11secur1ty nu11secur1ty

:octocat:
root@kali:~# 🐫Perl
669 followers · 0 following
View GitHub Profile
@olegpolukhin
olegpolukhin / Run external Python script in Golang
Last active March 7, 2024 12:53
run external Python script in Golang
package main
import (
"bufio"
"fmt"
"io"
"os/exec"
)
func main() {
@nu11secur1ty
nu11secur1ty / git_cheat-sheet.md
Created April 21, 2019 12:03 — forked from davfre/git_cheat-sheet.md
git commandline cheat-sheet
@nu11secur1ty
nu11secur1ty / cspheader.php
Created January 9, 2018 09:12 — forked from phpdave/cspheader.php
CSP Header for PHP or Apache or .htaccess - Content Security Protocol
<?
//CSP only works in modern browsers Chrome 25+, Firefox 23+, Safari 7+
$headerCSP = "Content-Security-Policy:".
"connect-src 'self' ;". // XMLHttpRequest (AJAX request), WebSocket or EventSource.
"default-src 'self';". // Default policy for loading html elements
"frame-ancestors 'self' ;". //allow parent framing - this one blocks click jacking and ui redress
"frame-src 'none';". // vaid sources for frames
"media-src 'self' *.example.com;". // vaid sources for media (audio and video html tags src)
"object-src 'none'; ". // valid object embed and applet tags src
"report-uri https://example.com/violationReportForCSP.php;". //A URL that will get raw json data in post that lets you know what was violated and blocked
@nu11secur1ty
nu11secur1ty / xss_clean.php
Created January 7, 2018 11:32 — forked from mbijon/xss_clean.php
XSS filtering in PHP (cleans various UTF encodings & nested exploits)
<?php
/*
* XSS filter, recursively handles HTML tags & UTF encoding
* Optionally handles base64 encoding
*
* ***DEPRECATION RECOMMENDED*** Not updated or maintained since 2011
* A MAINTAINED & BETTER ALTERNATIVE => kses
* https://github.com/RichardVasquez/kses/
*
* This was built from numerous sources
@velppa
velppa / books.md
Created November 16, 2017 16:17 — forked from abstractart/books.md
Download free O'Reilly books
@nu11secur1ty
nu11secur1ty / Kernels.md
Created December 18, 2016 21:30

Ядра

В компютърния свят, ядрото е фундаментална част от операционната система. То е част от софтуера, отговорен за предоставянето на сигурен достъп на програмите до хардуера на машината. Тъй като има много програми и достъпът до хардуера е ограничен, ядрото е също отговорно за решаването кога и колко дълго една програма ще бъде допусната да използва част от хардуера. Осигуряването на директен достъп до хардуера може също така да бъде много сложно, затова ядрата обикновено имплементират серия от хардуерни абстракции. Тези абстракции са начин, чрез който се скрива сложността, и се доставя ясен и непроменлив интерфейс към подлежащия хардуер, което улеснява живота на програмистта. Има четири вида ядра:

Монолитните ядра осигуряват богата и мощна абстракция от хардуера
Микро ядрата осигуряват малка серия от прости хардуерни абстракции и използват програми наречени драйвери, за да се сдобият с повече функционалност

Хибридните ядра са почти като микро ядрата, с изключение на това, че имат повече код в

@nu11secur1ty
nu11secur1ty / Kernel and Types of kernels.md
Last active December 16, 2016 12:58

1. What Is Kernel?

A kernel is a central component of an operating system. It acts as an interface between the user applications and the hardware. The sole aim of the kernel is to manage the communication between the software (user level applications) and the hardware (CPU, disk memory etc). The main tasks of the kernel are :

Process management
Device management
Memory management
Interrupt handling

I/O communication

@laobubu
laobubu / ABOUT.md
Last active March 23, 2024 05:28
A very simple HTTP server in C, for Unix, using fork()

Pico HTTP Server in C

This is a very simple HTTP server for Unix, using fork(). It's very easy to use

How to use

  1. include header httpd.h
  2. write your route method, handling requests.
  3. call serve_forever("12913") to start serving on port 12913
@nu11secur1ty
nu11secur1ty / Oracle MySQL - 'ALTER DATABASE' Remote Denial of Service
Created November 7, 2016 07:19
A vulnerability was reported in MySQL. A remote authenticated user can cause denial of service conditions.
This issue affects versions prior to MySQL 5.1.48.
A remote authenticated user can send a specially crafted ALTER DATABASE command to cause the target server to move a data directory into a new subdirectory, causing the data directory to become unusable.
A demonstration exploit request is provided [where "<special>" is "." or ".." or is a sequence that begins with "./" or "../"]:
ALTER DATABASE `#mysql50#<special>` UPGRADE DATA DIRECTORY NAME
@nu11secur1ty
nu11secur1ty / readme.md
Last active March 13, 2023 18:20
Installation of Elasticsearch, Logstash, and Kibana

Installing ELK (CentOS (6 - NOTE: with your own modified) ,7)

Introduction

In this tutorial, we will go over the installation of the Elasticsearch ELK Stack on CentOS 7—that is, Elasticsearch 2.1.x, Logstash 2.1.x, and Kibana 4.3.x. We will also show you how to configure it to gather and visualize the syslogs of your systems in a centralized location, using Filebeat 1.0.x. Logstash is an open source tool for collecting, parsing, and storing logs for future use. Kibana is a web interface that can be used to search and view the logs that Logstash has indexed. Both of these tools are based on Elasticsearch, which is used for storing logs.

Centralized logging can be very useful when attempting to identify problems with your servers or applications, as it allows you to search through all of your logs in a single place. It is also useful because it allows you to identify issues that span multiple servers by correlating their logs during a specific time frame.

It is possible to use Logstash to gather logs of al