Skip to content

Instantly share code, notes, and snippets.

View ondrj's full-sized avatar
🎯
kinda focusing

Ondřej ondrj

🎯
kinda focusing
23 followers · 97 following
View GitHub Profile
@johnazariah
johnazariah / free.fs
Created April 3, 2018 22:02
Free Monad with Trampoline Infrastructure and Computation Builder
// F<'a> is any type with member 'map' of type ('a -> 'b) -> F<'a> -> F<'b>
type F<'a> = QIL<'a>
and S<'a> = F<Q<'a>>
and Q<'a> =
private
| Step of Step<'a>
| Bind of IBind<'a>
with
static member lift (k : F<'a>) : Q<'a> = Step (Suspend (fun () -> S<_>.map (Yield >> Step) k))
@grugq
grugq / grugq quotes from Downclimb
Created February 5, 2019 07:06 — forked from 0xdabbad00/grugq quotes from Downclimb
Give a man an 0day and he'll have access for a day, teach a man to phish and he'll have access for life.
https://twitter.com/thegrugq/status/563964286783877121
--
You can get 25% off a Mandiant incident response with the code: ITWASCHINA. 100% off if you just use that code as the report.
https://twitter.com/thegrugq/status/600345075562909696
--
Fear of 0day is like being terrified of ninjas instead of cardiovascular disease.
https://twitter.com/thegrugq/status/851001030019907588
@v-p-b
v-p-b / AV2019.txt
Last active March 5, 2021 16:31
https://seclists.org/fulldisclosure/2019/Aug/1
https://medium.com/tenable-techblog/comodo-from-sandbox-to-system-cve-2019-3969-b6a34cc85e67
https://blog.silentsignal.eu/2019/06/24/self-defenseless-exploring-kasperskys-local-attack-surface/
https://safebreach.com/Post/BitDefender-Antivirus-Free-2020-Privilege-Escalation-to-SYSTEM
https://safebreach.com/Post/Trend-Micro-Password-Manager-Privilege-Escalation-to-SYSTEM
https://safebreach.com/Post/Check-Point-Endpoint-Security-Initial-Client-for-Windows-Privilege-Escalation-to-SYSTEM
http://rce4fun.blogspot.com/2019/08/comodo-antivirus-sandbox-race-condition.html
https://medium.com/bugbountywriteup/5-000-usd-xss-issue-at-avast-desktop-antivirus-for-windows-yes-desktop-1e99375f0968
https://posts.specterops.io/cve-2019-12757-local-privilege-escalation-in-symantec-endpoint-protection-1f7fd5c859c6
https://nafiez.github.io/security/poc/2019/11/22/POC-conference-present.html
@atoponce
atoponce / gist:07d8d4c833873be2f68c34f9afc5a78a
Last active March 19, 2024 17:24 — forked from tqbf/gist:be58d2d39690c3b366ad
Cryptographic Best Practices

Cryptographic Best Practices

Putting cryptographic primitives together is a lot like putting a jigsaw puzzle together, where all the pieces are cut exactly the same way, but there is only one correct solution. Thankfully, there are some projects out there that are working hard to make sure developers are getting it right.

The following advice comes from years of research from leading security researchers, developers, and cryptographers. This Gist was [forked from Thomas Ptacek's Gist][1] to be more readable. Additions have been added from

@stettix
stettix / things-i-believe.md
Last active March 20, 2024 17:45
Things I believe

Things I believe

This is a collection of the things I believe about software development. I have worked for years building backend and data processing systems, so read the below within that context.

Agree? Disagree? Feel free to let me know at @JanStette. See also my blog at www.janvsmachine.net.

Fundamentals

Keep it simple, stupid. You ain't gonna need it.

@lefticus
lefticus / codingstandards-0-automatedanalysis.md
Last active April 4, 2024 19:00
C++ Coding Standards

THIS DOCUMENT

IS OUT OF

DATE

See https://github.com/lefticus/cppbestpractices/blob/master/00-Table_of_Contents.md Instead!

C++ Coding Standards Part 0: Automated Code Analysis

Automated analysis is the main advantage to working with a modern statically typed compiled language like C++. Code analysis tools can inform us when we have implemented an operator overload with a non-canonical form, when we should have made a method const, or when the scope of a variable can be reduced.