Skip to content

Instantly share code, notes, and snippets.


Quinn Comendant quinncomendant

View GitHub Profile
View gist:96bbf89a579f763884ceb0b434d73b36
# SPECIFIC: Block #submit #validate #process #pre_render #post_render #element_validate #after_build #value_callback parameters
SecRule REQUEST_FILENAME "(index\.php|\/$)" "chain,id:003294,t:lowercase,t:none,t:utf8toUnicode,t:urlDecodeUni,t:urldecode,block"
SecRule ARGS_NAMES|REQUEST_COOKIES_NAMES "^\#(submit|validate|pre_render|post_render|element_validate|after_build|value_callback|process)$|\[(?:\'|\")?#(submit|validate|pre_render|post_render|element_validate|after_build|value_callback|process)"
# GENERIC: Block all parameters starting with #
SecRule REQUEST_FILENAME "(index\.php|\/$)" "chain,id:003309,t:lowercase,t:none,t:utf8toUnicode,t:urlDecodeUni,t:urldecode,block"
koenrh /
Last active May 28, 2022
Running Hashcat on Google Cloud's new GPU-based VMs

Running Hashcat on Google Cloud's GPU-based VMs

In February 2017, Google announced the availability GPU-based VMs. I spun up a few of these instances, and ran some benchmarks. Along the way, I wrote down the steps taken to provision these VM instances, and install relevant drivers.

Update April 2019: Updated instructions to use instances with the Tesla T4 GPUs.

greim /
Last active Nov 26, 2020
Using a Reverse Proxy for Rapid Prototyping

Using a Reverse Proxy for Rapid Prototyping

Note: This will be a contrived example, but hopefully illustrates some real-world trade-offs.

Example scenario: Suppose you're an independent web developer, and a client asks you to prototype a redesign of their website header. You'll be paid for your time, and if the client likes it, you'll be hired to do the full implementation. Your incentive is to show the client a quick, functional demo of the updated header. The problem is that quick and functional tend to be mutually-exclusive.

At One Extreme: Do It Fast

twksos / CiscoVPNConnection.scpt
Last active Feb 2, 2022
Cisco VPN connection auto connect AppleScript
View CiscoVPNConnection.scpt
-- Please set your vpn connection name and password here
set VPNName to "VPN name"
set VPNpassword to "VPN password"
tell application "System Events"
tell current location of network preferences
set VPNService to service VPNName
end tell
set isConnected to connected of current configuration of VPNService
younes0 / RateLimitSubscriber.php
Last active Dec 4, 2015
Rate Limit Subscriber for Guzzle 4.x + Laravel
View RateLimitSubscriber.php
* Todo: Decouple from Laravel's Caching system
use GuzzleHttp\Collection;
use GuzzleHttp\Event\BeforeEvent;
use GuzzleHttp\Event\CompleteEvent;
use GuzzleHttp\Event\EmitterInterface;
cviebrock / select2-foundation5.css
Created Dec 20, 2013
Select2 CSS for Zurb Foundation 5
View select2-foundation5.css
Version: 3.4.5 Timestamp: Mon Nov 4 08:22:42 PST 2013
.select2-container {
margin: 0 0 1rem 0;
position: relative;
vertical-align: middle;
font-family: inherit;
-webkit-appearance: none !important;
font-size: 0.875rem;
dergachev /
Last active Aug 11, 2022
OS X Screencast to animated GIF

OS X Screencast to animated GIF

This gist shows how to create a GIF screencast using only free OS X tools: QuickTime, ffmpeg, and gifsicle.

Screencapture GIF


To capture the video (filesize: 19MB), using the free "QuickTime Player" application:

mickm /
Created Nov 21, 2012
Whitelist Pingdom probe-servers in iptables.
# Whitelist Pingdom probe-servers in iptables.
# Create a chain called "PINGDOM" and jump to it somewhere before
# the final REJECT/DROP, e.g.
# # New chain for Pingdom rules
# :PINGDOM - [0:0]
nikolaplejic / gist:3654637
Created Sep 6, 2012
How to copy/paste your password in PayPal's change password form
View gist:3654637
PayPal blocks copy/paste actions in their "change password" form,
citing some irrelevant security issues as the reason. That's a
load of crap, and they know it -- disabling copy/paste makes it a
lot harder to use a decent password generator and a lot easier to
screw up your pwd when retyping, especially if it's a long one
(as it should be!).
So, here's the quick'n'dirty way to use an externally generated
password in your PayPal account:
joncave / endpoints.php
Created Jun 7, 2012
WP_Rewrite endpoints demo
View endpoints.php
Plugin Name: WP_Rewrite endpoints demo
Description: A plugin giving example usage of the WP_Rewrite endpoint API
Plugin URI:
Author: Jon Cave
Author URI:
function makeplugins_endpoints_add_endpoint() {