... or Why Pipelining Is Not That Easy
Golang Concurrency Patterns for brave and smart.
By @kachayev
UniIsland
/ SimpleHTTPServerWithUpload.py
Created
August 14, 2012 04:01
Simple Python Http Server with Upload
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| """Simple HTTP Server With Upload. | |
| This module builds on BaseHTTPServer by implementing the standard GET | |
| and HEAD requests in a fairly straightforward manner. | |
| """ |
kachayev
/ concurrency-in-go.md
Last active
May 31, 2024 09:34
Channels Are Not Enough or Why Pipelining Is Not That Easy
CTurt
/ gist:27fe7f3c241f69be19e5
Created
December 14, 2015 19:24
PS4 kernel exploit tease (root FS dump, and list of PIDs)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [+] Entered shellcode | |
| [+] UID: 0, GID: 0 | |
| [DIR]: . | |
| [DIR]: .. | |
| [DIR]: adm | |
| [DIR]: app_tmp | |
| [DIR]: data | |
| [DIR]: dev | |
| [DIR]: eap_user | |
| [DIR]: eap_vsh |
Original source: https://github.com/0xced/iOS-Artwork-Extractor/wiki/Extracting-more-artwork
You can extract even more artwork if you decrypt and mount an iOS firmware (.ipsw file).
- ipsw_decrypt.py
- Python 3.2 (required by ipsw_decrypt.py)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!doctype html> | |
| <html lang="en"> | |
| <head> | |
| <meta charset="utf-8"> | |
| <title>Viewport Test</title> | |
| <meta name="viewport" content="width=device-width, initial-scale=1"> | |
| <script src="/workaround.js"></script> | |
| </head> | |
| <body> |
edwinfinch
/ 2070 Paradigm Shift Transcript
Last active
May 19, 2024 13:57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 2070 Paradigm Shift Transcript | |
| Transcribed by Edwin Finch | |
| Sam, you're a legend. Enjoy | |
| ============================== | |
| Whew. | |
| Hey. |
fincham
/ libpam-script_twilio
Last active
August 7, 2017 10:37
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Send a Twilio SMS when a person logs in over SSH or uses sudo. Michael Fincham <michael@hotplate.co.nz> 2017-05-22 | |
| # | |
| # For a Debian host: | |
| # - Install the packages for libpam-script and curl | |
| # - Edit this script to set the configuration variables, and place it in /usr/share/libpam-script/pam_script_acct | |
| # - Add this line to /etc/pam.d/common-account: | |
| # account optional pam_script.so |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* SMBLoris attack proof-of-concept | |
| * | |
| * Copyright 2017 Hector Martin "marcan" <marcan@marcan.st> | |
| * | |
| * Licensed under the terms of the 2-clause BSD license. | |
| * | |
| * This is a proof of concept of a publicly disclosed vulnerability. | |
| * Please do not go around randomly DoSing people with it. | |
| * | |
| * Tips: do not use your local IP as source, or if you do, use iptables to block |
EdOverflow
/ github_bugbountyhunting.md
Last active
June 23, 2024 20:29
My tips for finding security issues in GitHub projects.
GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.
You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.
$ python githubcloner.py --org organization -o /tmp/output
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/jb/bin/bash | |
| CYCRIPT_PORT=1337 | |
| function help { | |
| echo "Syntax: $0 [-p PID | -P appname] [-l /path/to/yourdylib | -L feature]" | |
| echo | |
| echo For example: | |
| echo " $0 -P Reddit.app -l /path/to/evil.dylib # Injects evil.dylib into the Reddit app" | |
| echo " or" |
OlderNewer