Example code for How to Safely Store a Password in 2016.
Royce Williams roycewilliams
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| define('BENCH_ROUNDS', 200); | |
| $start = $stop = 0.0; | |
| $short = str_repeat("A", 16); | |
| $long = str_repeat("A", 1 << 20); | |
| $start = microtime(true); | |
| for ($i = 0; $i < BENCH_ROUNDS; ++$i) { | |
| sodium_crypto_pwhash_str($short, SODIUM_CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE, SODIUM_CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE); |
gnusosa
/ yubikey-get-oath.el
Last active
March 15, 2019 23:27
Get Yubikey OATH token from ykman with Ivy - Emacs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (defcustom ykman-path "/usr/local/bin/ykman" | |
| "Set this to the path of the command line ykman client for your OS.") | |
| (defun yubikey-get-oath () | |
| "Copy a OATH token to your kill-ring" | |
| (interactive) | |
| (let ((ivy-hash (make-hash-table :test 'equal)) | |
| (cb (lambda (choice) | |
| (with-temp-buffer |
Product: Sagitta Invictus-based dev box
Software: Hashcat v3.6.0-39-gc918173, Nvidia driver 381.22
Accelerator: 1x GTX 970 reference, 1x GTX 980 reference, 1x GTX Titan X (Maxwell) reference, 1x GTX 1080 Ti FE
root@dev:~/hashcat# ./hashcat -w 4 -b -m 3200
clauswilke
/ Alaska_Hawaii_animation.R
Created
August 5, 2018 21:05
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| library(sf) | |
| library(dplyr) | |
| library(ggplot2) | |
| library(gganimate) # needs development version from github | |
| # helper function to place a geometric object at a desired position | |
| # and scale | |
| place_geometry <- function(geometry, position, scale = 1) { | |
| (geometry - st_centroid(geometry)) * scale + | |
| st_sfc(st_point(position)) |
mattifestation
/ SimpleTCGLogParser.ps1
Last active
April 14, 2019 01:43
If you have the HgsDiagnostics PowerShell module, then you can parse TCG logs.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Import-Module HgsDiagnostics | |
| $GetHgsTrace = Get-Command Get-HgsTrace | |
| $RemoteAttestationCoreReference = $GetHgsTrace.ImplementingType.Assembly.GetReferencedAssemblies() | Where-Object { $_.Name -eq 'Microsoft.Windows.RemoteAttestation.Core' } | |
| Add-Type -AssemblyName $RemoteAttestationCoreReference.FullName | |
| $MostRecentTCGLog = Get-ChildItem C:\Windows\Logs\MeasuredBoot | Sort-Object -Property LastWriteTime -Descending | Select-Object -First 1 | Select-Object -ExpandProperty FullName | |
| $LogBytes = [IO.File]::ReadAllBytes($MostRecentTCGLog) | |
| $ParsedTCGLog = [Microsoft.Windows.RemoteAttestation.Core.TcgEventLog]::Parse($LogBytes) | |
| $ParsedTCGLog.TcgData.Children | Sort-Object -Property PcrIndex | Group-Object -Property PcrIndex |
ilbelkyr
/ gist:61a07ae69fdfcf2f8b99
Last active
June 15, 2019 20:20
freenode channel successor logic
(This covers what Atheme services as used on freenode will do if all founder (+F) accounts of a channel are dropped. It does not go into any staff policies on related matters. In particular, single-# channels have policies that services cannot reasonably implement¹ as they commonly involve talking to actual people.)
For single-# channels, the freenode-staff role account is always chosen as successor; normal channel successor logic does not apply in this case.
Otherwise, the "best" user will be selected from the channel's ACL according to the following criteria:
- They may not have the
+bflag. This ensures AKICKed users will never inherit a channel. - They need to be able to accomodate the channel registration; users who already have 30 channels registered cannot inherit a channel unless they have been granted the
RegNoLimitflag.²
kennwhite
/ default_openssl_version.md
Last active
July 5, 2019 03:43
Major Linux distributions default version of OpenSSL
NotMedic
/ markvulnerable.py
Last active
July 11, 2019 02:11
Script to mark hosts as vulnerable in Bloodhound.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import sys, json, urllib, urllib2 | |
| #Define the Bloodhound Database | |
| url = 'http://bloodhound-server:7474/db/data/cypher/' | |
| #Define the Bloodhound Credentials | |
| #echo neo4j:bloodhound | base64 | |
| base64auth = 'bmVvNGo6Ymxvb2Rob3VuZA==' | |
| request = urllib2.Request(url) |
atoponce
/ password_strength.md
Last active
July 11, 2019 04:20
A document evaluating different open source password generators and password strength testers. See the other Gists at the end of the document for the password results.
This is a collection of password generators and strength meter testing. Each generator produces a different array of passwords, of which are then tested against each of the strength meters. The defaults are used where possible, otherwise sane options are provided.
The following results are tables showing the generators, passwords, and strength testers described below.
- Randomly generaterd passwords: atoponce/random_results_table.md