Skip to content

Instantly share code, notes, and snippets.

Avatar

Shotaro Kohama shotarok

View GitHub Profile
View xss-game.md

XSS-game by Google

Welcome, recruit! Cross-site scripting (XSS) bugs are one of the most common and dangerous types of vulnerabilities in Web applications. These nasty buggers can allow your enemies to steal or modify user data in your apps and you must learn to dispatch them, pronto!

At Google, we know very well how important these bugs are. In fact, Google is so serious about finding and fixing XSS issues that we are paying mercenaries up to $7,500 for dangerous XSS bugs discovered in our most sensitive products.

In this training program, you will learn to find and exploit XSS bugs. You'll use this knowledge to confuse and infuriate your adversaries by preventing such bugs from happening in your applications.

There will be cake at the end of the test.

@pib
pib / sexp.py
Created Nov 23, 2009
A simple Python s-expression parser.
View sexp.py
from string import whitespace
atom_end = set('()"\'') | set(whitespace)
def parse(sexp):
stack, i, length = [[]], 0, len(sexp)
while i < length:
c = sexp[i]
print c, stack
View BetterList.py
#!/usr/bin/python
class List(list):
def dup(self):
def _dup(lst,ancestors):
for orig,copy in ancestors:
if lst == orig:
return copy
copy = lst[:]
_ancestors = ancestors+[(lst,copy)]
for i,x in enumerate(copy):
@eiennohito
eiennohito / caff
Last active Aug 29, 2015
Small wrapper on the caffeinate command in MacOS X to provide easy calculation of durations instead of specifying just seconds.
View caff
#!/usr/bin/env python
from optparse import OptionParser
import re
from os import execvp
parser = OptionParser()
parser.add_option('-i', action="store_const", dest='mode', const='i')
parser.add_option('-m', action="store_const", dest='mode', const='m')
View popcnt-test.cpp
#include <iostream>
#include <vector>
#include <random>
#include <chrono>
#include <popcntintrin.h>
#include <stdlib.h>
std::vector<int> fill_vector(long size) {